CVE-2024-25103 MEDIUM

CVE-2024-25103: Dynamic Link Library (DLL) Hijacking Vulnerability in CDAC AppSamvid Software

Vendor Cdac
Product AppSamvid Software
Weakness CWE-426
Published March 6, 2024
Last update September 23, 2024

CVSS base score

6.3/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H

What the vulnerability does

01Description

This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs on the targeted system. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on the targeted system.

Key dates

02Disclosure timeline

March 6, 2024 CVE published
September 23, 2024 Record updated

Related vulnerabilities

04Related CVE