CVE-2024-53588

Name of the Vulnerable Software and Affected Versions iTop VPN version 16.0

Description A DLL hijacking issue allows attackers to execute arbitrary code by placing a crafted DLL file into the path ProgramDataiTop VPNDownloadervpn6. This enables attackers to trick iTop VPN into loading a fake DLL file, resulting in the execution of malicious code.

Recommendations For iTop VPN version 16.0, as a temporary workaround, consider restricting access to the ProgramDataiTop VPNDownloadervpn6 path to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.