PT-2022-12477 · Acer · Acer Care Center

Federico Lagrasta +1 · Published 2022-01-26 · Updated 2022-02-02 · CVE-2021-45975

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Acer Care Center versions 4.x before 4.00.3038

Description

The issue is due to incorrect handling of directory search paths at run time in the loading mechanism of Windows DLLs, allowing a local attacker to perform a DLL hijacking attack. An attacker could exploit this by placing a malicious DLL file on the targeted system, which will execute when the vulnerable application launches, potentially allowing the attacker to execute arbitrary code on the targeted system with local administrator privileges.

Recommendations

For Acer Care Center versions 4.x before 4.00.3038, update to version 4.00.3038 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable ListCheck.exe application until a patch is applied. Avoid placing untrusted DLL files on the system to minimize the risk of exploitation.

Exploit

Fix

Untrusted Search Path

Weakness Enumeration

Related Identifiers: CVE-2021-45975

Affected Products: Acer Care Center