DLL Hijacking Vulnerability in EzViz Studio by EzViz
CVE-2023-41613

7.8HIGH

Key Information:

Vendor: Ezviz
Status: Ezviz Studio
Vendor: CVE Published:; 4 December 2023

Badges

👾 Exploit Exists

What is CVE-2023-41613?

EzViz Studio version 2.2.0 contains a vulnerability that allows malicious actors to conduct DLL hijacking attacks. This vulnerability enables attackers to load a malicious DLL file when the software starts, potentially leading to unauthorized code execution within the application's context. Users are encouraged to update their software to mitigate risks associated with this vulnerability.

References

https://packetstormsecurity.com/files/175684/EzViz-Studio...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 4, 2023
Vulnerability Reserved
Aug 30, 2023
👾
Exploit known to exist
Aug 28, 2023

CVE-2023-41613 Data

JSON

Ezviz

Badges

What is CVE-2023-41613?

References

CVSS V3.1

Timeline