CVE-2022-28792
Severity CVSS v4.0:
Pending analysis
Type:
CWE-427
Uncontrolled Search Path Element
Publication date:
03/05/2022
Last modified:
11/05/2022
Description
DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code. The patch adds proper absolute path to prevent dll hijacking.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
4.40
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:samsung:gear_iconx_pc_manager:*:*:*:*:*:*:*:* | 2.1.220405.51 (excluding) |
To consult the complete list of CPE names with products and versions, see this page