提出 #580226: Wondershare Filmora 14.5.16 Uncontrolled Search Path情報

タイトルWondershare Filmora 14.5.16 Uncontrolled Search Path
説明Wondershare Filmora V14.5.16 is vulnerable to privilege escalation via DLL hijacking during installation. The installer places NFWCHK.exe, a high-integrity binary—in a user-writable directory, where it insecurely loads CRYPTBASE.dll from the current folder. A low-privileged attacker can pre-create the directory and plant a malicious DLL, which executes with elevated privileges when an administrator runs the installer, enabling arbitrary code execution as Admin.
ソース⚠️ https://gist.github.com/shellkraft/aa66561e984e83052bd080f195a3ec80
ユーザー
 shellkraft (UID 65045)
送信2025年05月18日 17:25 (1 年 ago)
モデレーション2025年05月25日 19:16 (7 days later)
ステータス承諾済み
VulDBエントリ310268 [Wondershare Filmora 14.5.16 Installer NFWCHK.exe 特権昇格]
ポイント20

Want to know what is going to be exploited?

We predict KEV entries!