CVE-2024-11859 | THREATINT

Description

DLL Search Order Hijacking vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code.

PUBLISHED Reserved 2024-11-27 | Published 2025-04-07 | Updated 2025-04-16 | Assigner ESET

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Any version

affected

Default status

unaffected

Any version

affected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Any version

affected

Any version

affected

Default status

unaffected

Any version

affected

Any version

affected

Any version

affected

References

support.eset.com/...ility-in-eset-products-for-windows-fixed

cve.org (CVE-2024-11859)

nvd.nist.gov (CVE-2024-11859)

Download JSON