| 제목 | Iobit Driver Booster 11.0.0.0 Uncontrolled Search Path |
|---|
| 설명 | A BPL sideloading vulnerability has been discovered in Driver Booster Version x.x.x.x
When a user open the RttHlp.exe file (jdekl.exe renamed by the threat actor), the application will load the following BPL from the same directory:
VCL120.BPL
Using a crafted BPL, it is possible to execute arbitrary code in the context of the current logged in user.
Currently there are cybercriminals who are taking advantage of this vulnerabilty to install malware.
https://cyble.com/blog/uac-0184-abuses-python-in-dll-sideloading-for-xworm-distribution/
SHA256: 8aed681ad8d660257c10d2f0e85ae673184055a341901643f27afc38e5ef8473 |
|---|
| 원천 | ⚠️ https://www.helpnetsecurity.com/2024/06/26/malware-bpl-sideloading/ |
|---|
| 사용자 | daniel.soriano (UID 72214) |
|---|
| 제출 | 2024. 07. 21. AM 08:53 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 07. 31. PM 02:06 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 273248 [IObit Driver Booster 11.0.0.0 BPL VCL120.BPL 권한 상승] |
|---|
| 포인트들 | 20 |
|---|