CVE-2023-45252
Severity:
HIGH
Type:
CWE-427
Uncontrolled Search Path Element
Publication date:
01/12/2023
Last modified:
08/12/2023
Description
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:huddly:huddlycameraservice:*:*:*:*:*:*:*:* | 8.0.7 (excluding) | |
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page