CVE-2021-1240

Name of the Vulnerable Software and Affected Versions: Cisco Proximity Desktop (affected versions not specified)

Description: The issue is related to an uncontrolled search path element in the loading process of specific DLLs. This could allow an authenticated, local attacker to load a malicious library by placing a malicious DLL file in a specific location on the targeted system. The file will execute when the vulnerable application launches, potentially allowing the attacker to execute arbitrary code on the targeted system with the privileges of another user's account. The vulnerability is due to incorrect handling of directory paths at run time.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.