A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met.
References
Configurations
No configuration.
History
13 Feb 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met. |
21 Nov 2024, 08:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2024/Mar/10 - | |
References | () https://r.sec-consult.com/qognify - |
14 Aug 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
03 Mar 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References |
|
26 Feb 2024, 16:32
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-26 16:27
Updated : 2025-02-13 18:15
NVD link : CVE-2023-49114
Mitre link : CVE-2023-49114
CVE.ORG link : CVE-2023-49114
JSON object : View
Products Affected
No product.
CWE
CWE-427
Uncontrolled Search Path Element