PT-2025-50343 · Unknown+1 · Meaism.Dll+1

Mushroomsecteam

Publicado

2025-12-10

Atualizado

2025-12-14

CVE-2025-34419

CVSS v4.0

8.5

Alta

Vetor

AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions MailEnable versions prior to 10.54

Description MailEnable versions prior to 10.54 have an issue where an attacker can execute code on the system. This happens because the MailEnable administrative executable loads MEAISM.DLL from the installation directory without proper checks. A local attacker who can write to that directory can place a malicious MEAISM.DLL file there. When the executable starts, it loads this malicious file, allowing the attacker to run code with the same permissions as the process.

Recommendations Update MailEnable to version 10.54 or later.

Correção

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427

Identificadores relacionados

CVE-2025-34419

Produtos afetados

Meaism.Dll

Mailenable

PT-2025-50343 · Unknown+1 · Meaism.Dll+1

CVE-2025-34419

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7