PT-2025-7219 · Rufus · Rufus

Emperialx · Published 2025-02-18 · Updated 2025-02-19 · CVE-2025-26624

CVSS v4.0: 6.8 (Medium)
Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Rufus versions 4.6.2208 and earlier
Description: Rufus is a utility for formatting USB flash drives and creating bootable ones. Rufus 4.6.2208 and earlier are vulnerable to DLL hijacking (side-loading): when the program resolves cfgmgr32.dll, a copy placed in the same directory as the Rufus executable takes precedence over the genuine library in the Windows system directory and is loaded automatically, without any check on its origin. An attacker who can write to that directory can therefore plant a malicious cfgmgr32.dll, which is loaded and executed inside the Rufus process the next time a user launches it. Since Rufus runs with elevated (administrator) privileges, the attacker's code runs at that level. In CVSS terms the attack is local, needs only low privileges to plant the file, and needs a user action (starting Rufus) to trigger it (AV:L/PR:L/UI:P).
Recommendations: For Rufus versions 4.6.2208 and earlier, upgrade to version 4.7 as soon as it is released; the fix is scheduled for that version. No other workaround is documented at the time of writing. Until the upgrade is possible, two checks address the precondition rather than the bug itself: make sure no cfgmgr32.dll exists in the directory from which rufus.exe is launched (the only legitimate copy lives in the Windows system directory), and make sure that directory is not writable by users other than the one running the tool.
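The following PowerShell script is an added example, not code from the Rufus project or from the advisory author. It checks a given rufus.exe for the three conditions described above: an affected version, a cfgmgr32.dll planted beside the executable, and a launch directory that low-privileged users can write to. The parameter name, the output format and the list of "broad" principals are this example's own assumptions.

```powershell
<#
  Added example, not Rufus project code. Checks one rufus.exe for the
  conditions behind CVE-2025-26624:
    1. affected version (4.6.2208 or earlier),
    2. a cfgmgr32.dll placed next to the executable,
    3. a launch directory writable by low-privileged users.
  Parameter name and output format are this example's own choices.
#>
param(
    [Parameter(Mandatory = $true)]
    [string]$RufusPath
)

$exe = Get-Item -LiteralPath $RufusPath -ErrorAction Stop
$dir = $exe.DirectoryName
$findings = New-Object System.Collections.Generic.List[string]

# 1. Version check: Rufus reports its version in the PE version resource.
try {
    $fileVersion = [version]$exe.VersionInfo.FileVersion
    if ($fileVersion -le [version]'4.6.2208') {
        $findings.Add("rufus.exe reports version $fileVersion, which is in the affected range (<= 4.6.2208)")
    }
} catch {
    $findings.Add("could not parse FileVersion '$($exe.VersionInfo.FileVersion)'; check the version manually")
}

# 2. Side-load check: a cfgmgr32.dll next to the executable wins the DLL search
#    order over %SystemRoot%\System32\cfgmgr32.dll, the only legitimate copy.
$planted = Join-Path $dir 'cfgmgr32.dll'
if (Test-Path -LiteralPath $planted) {
    $systemCopy = Join-Path $env:SystemRoot 'System32\cfgmgr32.dll'
    $sameAsSystem = (Get-FileHash -LiteralPath $planted -Algorithm SHA256).Hash -eq
                    (Get-FileHash -LiteralPath $systemCopy -Algorithm SHA256).Hash
    $sig = Get-AuthenticodeSignature -LiteralPath $planted
    $findings.Add("cfgmgr32.dll is present in $dir (Authenticode status: $($sig.Status); " +
                  "signer: $($sig.SignerCertificate.Subject); identical to System32 copy: $sameAsSystem). " +
                  "Treat any copy here as planted until proven otherwise.")
}

# 3. Precondition check: the attacker needs write access to the launch directory
#    (PR:L in the vector). Flag Allow entries that give a broad principal any
#    right containing WriteData (Write, Modify and FullControl all include it).
#    Generic-right bits (e.g. 268435456 = GENERIC_ALL) are not mapped here;
#    review such entries by hand.
$broadPrincipals = @('Everyone', 'BUILTIN\Users',
                     'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE')
$writeBit = [int][System.Security.AccessControl.FileSystemRights]::WriteData
foreach ($ace in (Get-Acl -LiteralPath $dir).Access) {
    if ($ace.AccessControlType -eq 'Allow' -and
        $broadPrincipals -contains $ace.IdentityReference.Value -and
        (([int]$ace.FileSystemRights) -band $writeBit) -ne 0) {
        $findings.Add("$dir grants '$($ace.FileSystemRights)' to $($ace.IdentityReference), " +
                      "so a low-privileged user could plant cfgmgr32.dll there")
    }
}

if ($findings.Count -eq 0) {
    Write-Output "No findings for $RufusPath"
} else {
    foreach ($f in $findings) { Write-Output "FINDING: $f" }
}
```

Run it as, for example, `.\Check-RufusSideload.ps1 -RufusPath C:\Tools\rufus.exe` (script and file names are illustrative). Note the limits of check 3: when Rufus is run straight from the user's Downloads folder, that folder is owned by the user rather than by a broad group, so the ACL check stays quiet even though any code already running as that user could plant the DLL; in that common case the version check is the one that matters, and the ACL check is mainly useful for shared tool directories.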

Weakness Enumeration

CWE-426: Untrusted Search Path
CWE-427: Uncontrolled Search Path Element
Related Identifiers

CVE-2025-26624
GHSA-P8P5-R296-G2JV

Affected Products

Rufus