CVE-2023-22818
CVSS V2 None
CVSS V3 None
Description
Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for
Windows that could allow attackers with local access to execute arbitrary code by executing the installer
in the same folder as the malicious DLL. This can lead to the execution of arbitrary
code with the privileges of the vulnerable application or obtain a certain level of persistence
on the compromised host.
Overview
- CVE ID
- CVE-2023-22818
- Assigner
- WDC PSIRT
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-15T20:03:57.085Z
- Last Modified Date
- 2023-11-15T20:03:57.085Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.westerndigital.com/support/product-security/wdc-23013-sandisk-security-installer-for-windows-1-0-0-25 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-22818 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22818 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 14:26:15 | Added to TrackCVE |