A weak malicious user can escalate its privilege whenever CatalystProductionSuite.2019.1.exe (version 1.1.0.21) and CatalystBrowseSuite.2019.1.exe (version 1.1.0.21) installers run. The vulnerability is in the form of DLL Hijacking. The installers try to load DLLs that don’t exist from its current directory; by doing so, an attacker can quickly escalate its privileges.
References
Link | Resource |
---|---|
https://gist.github.com/Eli-Paz/482b514320009f3e76ea712cde3bc350 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-04T18:42:20
Updated: 2019-12-23T21:27:53
Reserved: 2019-11-27T00:00:00
Link: CVE-2019-19364
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-04T19:15:11.940
Modified: 2022-01-01T20:07:16.027
Link: CVE-2019-19364
JSON object: View
Redhat Information
No data.
CWE