Untrusted Search Path Vulnerability in Content Manager Assistant for PlayStation
CVE-2017-17010

7.8HIGH

Key Information:

Vendor: Sony Interactive Entertainment Inc.
Status: Content Manager Assistant For Playstation
Vendor: CVE Published:; 27 December 2017

🔔 Create Sony Interactive Entertainment Inc. Vulnerability Alert

What is CVE-2017-17010?

The untrusted search path vulnerability in Content Manager Assistant for PlayStation allows attackers to exploit the software by placing a malicious DLL in a location that is searched by the application. This can lead to privilege escalation, enabling unauthorized actions within the system. Users of version 3.55.7671.0901 and earlier are particularly at risk, as the application's design does not properly secure its DLL loading process.

Affected Version(s)

Content Manager Assistant for PlayStation version 3.55.7671.0901 and earlier

References

https://jvn.jp/en/jp/JVN95423049/index.html

third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 27, 2017
Vulnerability Reserved
Nov 27, 2017