| عنوان | Iobit iTop Data Recovery Pro 4.4.0.687 Uncontrolled Search Path |
|---|
| الوصف | A BPL sideloading vulnerability has been discovered in iTop Data Recovery Pro Version 4.4.0.687
When a user open the IDRBackup.exe file, the
application will load the following BPL from the same directory:
madbasic_.bpl
Using a crafted BPL, it is possible to execute arbitrary code in the
context of the current logged in user.
Currently there are cybercriminals who are taking advantage of the Crowdstrike problem to distribute malware by abusing the Iobit tool.
https://www.crowdstrike.com/blog/likely-ecrime-actor-capitalizing-on-falcon-sensor-issues/
SHA256 5ae3838d77c2102766538f783d0a4b4205e7d2cdba4e0ad2ab332dc8ab32fea9 |
|---|
| المستخدم | daniel.soriano (UID 72214) |
|---|
| ارسال | 21/07/2024 08:28 AM (2 سنوات منذ) |
|---|
| الاعتدال | 31/07/2024 02:06 PM (10 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 273247 [IObit iTop Data Recovery Pro 4.4.0.687 BPL madbasic_.bpl تجاوز الصلاحيات] |
|---|
| النقاط | 17 |
|---|