Insecure Loading of Dynamic Link Libraries in Hitachi USB Converter Cable Driver
CVE-2024-57963

7.3HIGH

Key Information:

Vendor: Hitachi
Status: Usb-convertercable Driver
Vendor: CVE Published:; 18 February 2025

Summary

A vulnerability has been identified in the USB Converter Cable Driver developed by Hitachi, allowing local attackers to exploit insecure loading of dynamic link libraries. This flaw can potentially lead to information disclosure or the execution of arbitrary code on affected systems. It highlights the importance of securing driver applications from unauthorized access and manipulation.

Affected Version(s)

USB-CONVERTERCABLE DRIVER 0

References

https://www.hitachi.com/hirt/hitachi-sec/2025/001.html

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 18, 2025
Vulnerability Reserved
Jan 29, 2025

Credit

Sahil Shah

Shaurya