Submit #378138: Iobit iTop Data Recovery Pro 4.4.0.687 Uncontrolled Search Pathinfo

TitleIobit iTop Data Recovery Pro 4.4.0.687 Uncontrolled Search Path
DescriptionA BPL sideloading vulnerability has been discovered in iTop Data Recovery Pro Version 4.4.0.687 When a user open the IDRBackup.exe file, the application will load the following BPL from the same directory: madbasic_.bpl Using a crafted BPL, it is possible to execute arbitrary code in the context of the current logged in user. Currently there are cybercriminals who are taking advantage of the Crowdstrike problem to distribute malware by abusing the Iobit tool. https://www.crowdstrike.com/blog/likely-ecrime-actor-capitalizing-on-falcon-sensor-issues/ SHA256 5ae3838d77c2102766538f783d0a4b4205e7d2cdba4e0ad2ab332dc8ab32fea9
User
 daniel.soriano (UID 72214)
Submission21.07.2024 08:28 (4 months ago)
Moderation31.07.2024 14:06 (10 days later)
StatusAkzeptiert
VulDB Entry273247
Points17

Do you need the next level of professionalism?

Upgrade your account now!