Untrusted Search Path Vulnerability in RW-5100 Tool for Windows Systems
CVE-2017-2192

7.8HIGH

Key Information:

Vendor: Sharp Corporation
Status: Rw-5100 Tool To Verify Execution Environment For Windows 7; Rw-5100 Tool To Verify Execution Environment For Windows 8.1
Vendor: CVE Published:; 9 June 2017

🔔 Create Sharp Corporation Vulnerability Alert

What is CVE-2017-2192?

The RW-5100 tool is susceptible to an untrusted search path vulnerability, which allows an attacker to exploit the system by placing a Trojan horse DLL in an unmonitored directory. This can lead to privilege escalation, giving the attacker access to sensitive functionalities within the operating system. Users of RW-5100 tool for Windows 7 and Windows 8.1 should take immediate action to secure their environments to prevent unauthorized access and potential data breaches.

Affected Version(s)

RW-5100 tool to verify execution environment for Windows 7 version 1.1.0.0

RW-5100 tool to verify execution environment for Windows 8.1 version 1.2.0.0

References

http://www.securityfocus.com/bid/99290

vdb-entryx_refsource_BID

http://jvn.jp/en/jp/JVN51274854/index.html

third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2017
Vulnerability Reserved
Dec 1, 2016