Untrusted Search Path Vulnerability in RW-4040 Driver Installer for Windows 7
CVE-2017-2189

7.8HIGH

Key Information:

Vendor: Sharp Corporation
Status: Rw-4040 Driver Installer For Windows 7
Vendor: CVE Published:; 9 June 2017

🔔 Create Sharp Corporation Vulnerability Alert

What is CVE-2017-2189?

The RW-4040 Driver Installer for Windows 7 version 2.27 is susceptible to an untrusted search path vulnerability. This flaw allows attackers to leverage a Trojan horse DLL placed in an unspecified directory to gain elevated privileges. Such an exploit can lead to unauthorized access and control over affected systems, highlighting the critical need for secure coding practices and robust user permissions.

Affected Version(s)

RW-4040 driver installer for Windows 7 version 2.27

References

http://www.securityfocus.com/bid/99290

vdb-entryx_refsource_BID

http://jvn.jp/en/jp/JVN51274854/index.html

third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2017
Vulnerability Reserved
Dec 1, 2016