Home

Description

Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used.

PUBLISHED Reserved 2024-12-04 | Published 2025-06-02 | Updated 2025-06-02 | Assigner yandex




HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Problem types

CWE-426 Untrusted Search Path

Product status

Default status
unaffected

Any version before 2.7.0
affected

Credits

PT SWARM experts, Positive Technologies reporter

References

yandex.com/bugbounty/i/hall-of-fame-products

cve.org (CVE-2024-12168)

nvd.nist.gov (CVE-2024-12168)

Download JSON