Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Uncontrolled search path can lead to DLL hijacking in USBXpress SDK installer
Vulnerability Description
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress SDK installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Silicon USBXpress SDK installer 代码问题漏洞
Vulnerability Description
Silicon USBXpress SDK installer是美国芯科(Silicon)公司的一个 USBXpress SDK 安装程序。 Silicon USBXpress SDK installer存在安全漏洞,该漏洞源于搜索路径不受控制。攻击者利用该漏洞可以升级权限和执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A