PT-2020-20356 · Google · Google Earth Pro
Published: 2020-04-21 · Updated: 2022-10-07 · CVE-2020-8895
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Google Earth Pro versions prior to 7.3.3
Description
The issue allows an attacker to execute unauthenticated remote code on the targeted system by inserting malicious local files, a technique known as DLL hijacking. It is caused by an Untrusted Search Path vulnerability in the Windows installer of the affected software.
Recommendations
For Google Earth Pro versions prior to 7.3.3, update to version 7.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the Windows installer to minimize the risk of exploitation.
Fix
Uncontrolled Search Path Element
Untrusted Search Path
Related Identifiers
Affected Products
Google Earth Pro