PT-2017-15249 · Unknown · Rw-4040 Tool

Published

2017-06-09

Updated

2018-10-04

CVE-2017-2190

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions RW-4040 tool version 1.2.0.0

Description The issue concerns an untrusted search path vulnerability that allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This can be exploited to elevate privileges.

Recommendations For RW-4040 tool version 1.2.0.0, consider restricting access to sensitive directories to minimize the risk of exploitation until a patch is available. As a temporary workaround, ensure that all DLL files are verified and trusted before loading them into the execution environment.

Fix

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426

Related Identifiers

CVE-2017-2190

Affected Products

Rw-4040 Tool

PT-2017-15249 · Unknown · Rw-4040 Tool

CVE-2017-2190

Weakness Enumeration

Related Identifiers

Affected Products

References · 4