PT-2023-32118 · Xinje · Xdppro

Published: 2023-10-09 · Updated: 2024-05-17 · CVE-2023-5463

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: XINJE XDPPro versions up to 3.7.17a

Description: A critical issue affects some unknown functionality in the library cfgmgr32.dll, leading to an uncontrolled search path. The manipulation can be exploited locally. The issue has been publicly disclosed and may be used for attacks. The vendor was contacted about this disclosure but did not respond.

Recommendations: For XINJE XDPPro versions up to 3.7.17a, consider restricting access to the library cfgmgr32.dll to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration: Uncontrolled Search Path Element

Related Identifiers: CVE-2023-5463

Affected Products: Xdppro