CVE-2023-49114

Name of the Vulnerable Software and Affected Versions Qognify VMS Client Viewer versions 7.1 and higher

Description A DLL hijacking issue was identified, allowing local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if specific pre-conditions are met.

Recommendations For Qognify VMS Client Viewer versions 7.1 and higher, consider restricting access to sensitive areas of the system to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling any functionality that relies on loading external DLLs until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this issue.