| tiêu đề | Iobit DualSafe Password Manager 1.4.0.3 Uncontrolled Search Path |
|---|
| Mô tả | A BPL sideloading vulnerability has been discovered in DualSafe Password Manager Version x.x.x.x
When a user open the DPMInit.exe file (01 PROCESO JUDICIAL.exe renamed by the threat actor), the application will load the following BPL from the same directory:
RTL120.BPL
Using a crafted BPL, it is possible to execute arbitrary code in the context of the current logged in user.
Currently there are cybercriminals who are taking advantage of this vulnerabilty to install malware.
https://any.run/report/83ad64953b03ce408f057d36c74e17fc84440f65471ca730829d536630ffaec2/0e5de174-026b-4291-b0e9-d65c126bac73
SHA256: 26a24d3b0206c6808615c7049859c2fe62c4dcd87e7858be40ae8112b0482616 |
|---|
| Nguồn | ⚠️ https://lab52.io/blog/dll-side-loading-through-iobit-against-colombia/ |
|---|
| Người dùng | daniel.soriano (UID 72214) |
|---|
| Đệ trình | 21/07/2024 09:08 (cách đây 2 những năm) |
|---|
| Kiểm duyệt | 31/07/2024 14:06 (10 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 273249 [IObit DualSafe Password Manager 1.4.0.3 BPL RTL120.BPL nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|