DLL Hijacking Vulnerability in Efs Software Easy Chat Server
CVE-2022-44939

7.8HIGH

Key Information:

Vendor: Echatserver
Status: Easy Chat Server
Vendor: CVE Published:; 6 January 2023

🔔 Create Echatserver Vulnerability Alert

What is CVE-2022-44939?

Efs Software Easy Chat Server Version 3.1 contains a DLL hijacking vulnerability that can be exploited through the TextShaping.dll component. By deploying a specially crafted DLL, an attacker can execute arbitrary code, potentially compromising the security of the affected system. It is crucial for users to be aware of this vulnerability and implement necessary mitigations to safeguard their systems.

References

https://github.com/RashidKhanPathan/WindowsPrivilegeEscal...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 6, 2023
Vulnerability Reserved
Nov 7, 2022

CVE-2022-44939 Data

JSON