CVE-2024-12168

Description

Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used.

Reserved 2024-12-04 | Published 2025-06-02 | Updated 2025-06-02 | Assigner yandex

Problem types

CWE-426 Untrusted Search Path

Product status

Default status
unaffected

Any version before 2.7.0
affected

Credits

PT SWARM experts, Positive Technologies reporter

References

yandex.com/bugbounty/i/hall-of-fame-products

cve.org (CVE-2024-12168)

nvd.nist.gov (CVE-2024-12168)

Download JSON