CVE-2023-2417 MEDIUM

CVE-2023-2417: ks-soft Advanced Host Monitor rma_active.exe unquoted search path

Vendor Ks-Soft
Product Advanced Host Monitor
Weakness CWE-428
Published April 29, 2023
Last update January 30, 2025
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 12.60 is able to address this issue. It is recommended to upgrade the affected component. VDB-227714 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

April 29, 2023 CVE published
January 30, 2025 Record updated