PT-2025-20654 · Shanghai Bairui Information Technology · Sunloginclient
Ba1_Ma0
·
Published
2025-05-11
·
Updated
2025-05-16
·
CVE-2025-4532
CVSS v2.0
6.0
Medium
| Vector | AV:L/AC:H/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Shanghai Bairui Information Technology SunloginClient version 15.8.3.19819
Description
A critical vulnerability has been found in the library process.dll of the file sunlogin guard.exe, affecting an unknown part. The manipulation leads to an uncontrolled search path. Local access is required to approach this attack, with a rather high complexity and difficult exploitability. The exploit has been disclosed to the public and may be used.
Recommendations
For Shanghai Bairui Information Technology SunloginClient version 15.8.3.19819, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Untrusted Search Path
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sunloginclient