Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for
Windows that could allow attackers with local access to execute arbitrary code by executing the installer
in the same folder as the malicious DLL. This can lead to the execution of arbitrary
code with the privileges of the vulnerable application or obtain a certain level of persistence
on the compromised host.
References
Link | Resource |
---|---|
https://vuldb.com/?id.245601 | Third Party Advisory |
https://www.westerndigital.com/support/product-security/wdc-23013-sandisk-security-installer-for-windows-1-0-0-25 | Broken Link |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WDC PSIRT
Published: 2023-11-15T20:03:57.085Z
Updated: 2023-11-15T20:03:57.085Z
Reserved: 2023-01-06T20:23:44.301Z
Link: CVE-2023-22818
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-15T20:15:07.157
Modified: 2023-11-22T22:40:03.517
Link: CVE-2023-22818
JSON object: View
Redhat Information
No data.
CWE