CVE-2023-49114

CVE-2023-49114: Local Privilege Escalation via DLL Hijacking

Vendor Qognify
Product VMS Client Viewer
Weakness CWE-427
Published February 26, 2024
Last update February 13, 2025

CVSS base score

What the vulnerability does

01Description

A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met.

Key dates

02Disclosure timeline

February 26, 2024 CVE published
February 13, 2025 Record updated