PT-2025-52316 · Microsoft+1 · Wow64Log.Dll+1
Ahsan Azad
·
Published
2025-12-18
·
Updated
2025-12-19
·
CVE-2023-53937
CVSS v4.0
8.5
High
| Vector | AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Hubstaff version 1.6.14
Description
The software contains a DLL search order hijacking issue. An attacker can supply a malicious library in place of the missing system32\wow64log.dll. By using tools like Metasploit to create a custom DLL and placing it in the system32 directory, an attacker can gain a reverse shell when the application starts.
Recommendations
Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the system32 directory to prevent unauthorized DLL placement.
Exploit
Fix
Uncontrolled Search Path Element
Weakness Enumeration
Related Identifiers
Affected Products
Hubstaff
Wow64Log.Dll
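A host-side check for the condition in the Description and the workaround in the Recommendations, as an added example that is not part of the original advisory or of the vendor's tooling. The function name `Test-Wow64LogDll` is hypothetical, and treating a valid Authenticode signature as the trust signal is an assumption. Because the advisory describes the file as missing, any `Present = True` result deserves review.

```powershell
# Added example. Assumption: a wow64log.dll without a valid signature is suspect.
function Test-Wow64LogDll {
    # A 32-bit shell on 64-bit Windows is redirected to SysWOW64; the Sysnative
    # alias reaches the real System32 directory.
    $dirName = 'System32'
    if ([Environment]::Is64BitOperatingSystem -and -not [Environment]::Is64BitProcess) {
        $dirName = 'Sysnative'
    }
    $dir  = Join-Path $env:windir $dirName
    $path = Join-Path $dir 'wow64log.dll'

    $report = [ordered]@{
        Path = $path; Present = $false; SignatureStatus = $null
        Signer = $null; Created = $null; Owner = $null; NonAdminWriters = @()
    }

    if (Test-Path -LiteralPath $path -PathType Leaf) {
        $file = Get-Item -LiteralPath $path -Force
        $sig  = Get-AuthenticodeSignature -LiteralPath $path
        $report.Present         = $true
        $report.SignatureStatus = $sig.Status.ToString()
        if ($sig.SignerCertificate) { $report.Signer = $sig.SignerCertificate.Subject }
        $report.Created = $file.CreationTimeUtc
        $report.Owner   = (Get-Acl -LiteralPath $path).Owner
    }

    # Workaround check: which identities other than SYSTEM, Administrators and
    # TrustedInstaller hold an Allow ACE that lets them create files here?
    $trusted = @('S-1-5-18', 'S-1-5-32-544',
        'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464')
    $create  = [System.Security.AccessControl.FileSystemRights]::CreateFiles
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $rules   = (Get-Acl -LiteralPath $dir).GetAccessRules($true, $true, $sidType)
    $report.NonAdminWriters = @($rules | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $create) -and
        $trusted -notcontains $_.IdentityReference.Value
    } | ForEach-Object { $_.IdentityReference.Value } | Select-Object -Unique)

    [pscustomobject]$report
}

Test-Wow64LogDll | Format-List
```

ACEs expressed only as generic rights are not decoded by the `CreateFiles` bit test, so an empty `NonAdminWriters` list should be confirmed against the full ACL.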