PT-2023-26144 · Panda Security · Panda Security Vpn
Heechan Kim
·
Published
2023-07-13
·
Updated
2023-07-27
·
CVE-2023-37849
CVSS v3.1
6.5
Medium
| Vector | AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Panda Security VPN for Windows versions prior to 15.14.8
Description
A DLL hijacking issue allows attackers to execute arbitrary code by placing a crafted DLL file in the same directory as the executable.
Recommendations
For versions prior to 15.14.8, update to version 15.14.8 or later to resolve the issue.
Exploit
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Panda Security Vpn