Untrusted Search Path Vulnerability in PlayMemories Home for Windows by Sony
CVE-2018-0600

7.8HIGH

Key Information:

Vendor: Sony Corporation
Status: The Installer Of Playmemories Home For Windows
Vendor: CVE Published:; 26 June 2018

🔔 Create Sony Corporation Vulnerability Alert

What is CVE-2018-0600?

A vulnerability exists in the installer of PlayMemories Home for Windows versions 5.5.01 and earlier that could allow an attacker to exploit an untrusted search path. This could lead to privilege escalation via a Trojan horse DLL placed in an unspecified directory, potentially compromising the integrity and security of the system.

Affected Version(s)

the installer of PlayMemories Home for Windows ver.5.5.01 and earlier

References

http://support.d-imaging.sony.co.jp/www/disoft/int/downlo...

x_refsource_MISC

http://jvn.jp/en/jp/JVN13940333/index.html

third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2018
Vulnerability Reserved
Nov 27, 2017