Untrusted Search Path Vulnerability in Optimal Guard by Optimal
CVE-2017-10836

7.8HIGH

Key Information:

Vendor: Optim Corporation
Status: Optimal Guard
Vendor: CVE Published:; 29 August 2017

🔔 Create Optim Corporation Vulnerability Alert

What is CVE-2017-10836?

The untrusted search path vulnerability found in Optimal Guard versions 1.1.21 and earlier allows attackers to leverage a Trojan horse DLL positioned in an unspecified directory. This flaw permits unauthorized privilege escalation, compromising the security of users' systems and sensitive data. It underscores the importance of maintaining updated security protocols and software versions to mitigate such risks.

Affected Version(s)

Optimal Guard 1.1.21 and earlier

References

https://jvn.jp/en/jp/JVN87540575/index.html

third-party-advisoryx_refsource_JVN

https://www.optim.co.jp/contents/23246

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2017
Vulnerability Reserved
Jul 4, 2017

JSON