DLL search order hijack in Wave by Grandstream Networks

Posted date 10/09/2025
Identifier
INCIBE-2025-0489
Importance
4 - High
Affected Resources
  • Wave, versions prior to 1.27.11.
Description

INCIBE has coordinated the publication of a high-severity vulnerability affecting Grandstream Networks Wave, a platform that allows users to join, schedule, and hold meetings, calls, and conferences remotely. The vulnerability was discovered by Alexander Huaman Jaimes.

This vulnerability has been assigned the following code, CVSS v4.0 base score, CVSS vector, and CWE vulnerability type:

  • CVE-2025-40979: CVSS v4.0: 7.0 | CVSS AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-427 (Uncontrolled Search Path Element)
Solution

The vulnerability has been fixed by the Grandstream Networks team in Wave version 1.27.11; installations running any earlier version should be updated.

Detail
  • CVE-2025-40979: DLL search order hijacking vulnerability in the wave.exe executable of Wave 1.27.8 for Windows 11. An attacker with local access could place a DLL in the current user's 'C:\Users\<user>\AppData\Local\Temp' directory, a location writable by any process running as that user; when wave.exe resolves a library through that directory it loads the planted file instead, giving arbitrary code execution in the context of the user running Wave and a persistence mechanism, since the planted DLL is loaded again on subsequent launches. The vulnerability is only reproducible on Windows 11 and does not affect earlier versions of Windows.
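A detection check for this class of issue, added here as an example and not code from INCIBE or Grandstream. It assumes image-load telemetry in the shape of Sysmon Event ID 7 (process Image, ImageLoaded path, Signed flag) flattened into key=value lines; the sample records, the user name "alice" and the DLL name "planted.dll" are constructed placeholders, because the advisory does not name the hijacked DLL. The rule keys on the load path rather than a DLL name: any library wave.exe loads from the user's Temp directory is flagged as high, and it generalises the advisory slightly by also flagging unsigned loads from anywhere else under the user profile as medium.

```python
"""Flag DLL loads by wave.exe from user-writable locations (CWE-427 hunting).

Assumption: input lines are Sysmon-style ImageLoad records written as
'Key=Value Key=Value'; values (Windows paths) may contain spaces.
"""
import ntpath
import re
from typing import Iterable, List, Optional

# Constructed sample telemetry (not real log data).
SAMPLE_EVENTS = [
    r"Image=C:\Program Files\Grandstream\Wave\wave.exe ImageLoaded=C:\Windows\System32\kernel32.dll Signed=true",
    r"Image=C:\Program Files\Grandstream\Wave\wave.exe ImageLoaded=C:\Users\alice\AppData\Local\Temp\planted.dll Signed=false",
    r"Image=C:\Program Files\Grandstream\Wave\wave.exe ImageLoaded=C:\Program Files\Grandstream\Wave\helper.dll Signed=true",
    r"Image=C:\Windows\System32\notepad.exe ImageLoaded=C:\Users\alice\AppData\Local\Temp\planted.dll Signed=false",
    r"Image=C:\Program Files\Grandstream\Wave\wave.exe ImageLoaded=C:\Users\alice\Downloads\unsigned.dll Signed=false",
]

# A value runs until the next ' Key=' token or end of line, so spaces in
# paths such as 'C:\Program Files' are kept intact.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")


def parse_event(line: str) -> dict:
    """Split one key=value record into a dict."""
    return {key: value.strip() for key, value in FIELD_RE.findall(line)}


def _norm(path: str) -> str:
    """Normalise a Windows path for comparison (case-insensitive, backslashes)."""
    return path.replace("/", "\\").lower()


def classify_load(event: dict, process_name: str = "wave.exe") -> Optional[str]:
    """Return 'high', 'medium' or None for one image-load event.

    high   - the DLL came from %LOCALAPPDATA%\\Temp, the directory named in the
             advisory; signature state does not matter, Temp is never a
             legitimate library location for an installed application.
    medium - unsigned DLL from anywhere else under the user profile (every
             such directory is writable by the user, so it is the same class
             of search-path exposure even if the advisory only names Temp).
    """
    image = _norm(event.get("Image", ""))
    loaded = _norm(event.get("ImageLoaded", ""))
    if ntpath.basename(image) != process_name.lower():
        return None  # rule is scoped to the vulnerable process
    if "\\appdata\\local\\temp\\" in loaded:
        return "high"
    signed = event.get("Signed", "").lower() == "true"
    if loaded.startswith("c:\\users\\") and not signed:
        return "medium"
    return None


def find_hijack_candidates(lines: Iterable[str], process_name: str = "wave.exe") -> List[dict]:
    """Run the rule over raw log lines and return the suspicious loads in order."""
    hits = []
    for line in lines:
        event = parse_event(line)
        severity = classify_load(event, process_name)
        if severity is not None:
            hits.append({
                "severity": severity,
                "process": event.get("Image", ""),
                "image_loaded": event.get("ImageLoaded", ""),
                "signed": event.get("Signed", ""),
            })
    return hits


if __name__ == "__main__":
    for hit in find_hijack_candidates(SAMPLE_EVENTS):
        print(f"[{hit['severity']:6}] {hit['process']} loaded {hit['image_loaded']} (Signed={hit['signed']})")
```

In a real deployment the same rule runs over Sysmon or EDR image-load events for the Wave process; a high hit on a host still running a version before 1.27.11 is the signal to pull the DLL from Temp for analysis and update the client.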
Known exploitation
  • CVE-2025-40979: No
References list