Hcl Traveler For Microsoft Outlook Htmo
Monthly
DLL hijacking in HCL Traveler for Microsoft Outlook (HTMO) permits a local, high-privileged attacker to replace or plant a malicious DLL in a directory searched by the application at load time, enabling arbitrary code execution within the HTMO process context. The CVSS vector (AV:L/AC:L/PR:H/UI:R) confirms the attack is constrained to local access with elevated privileges and requires a user to trigger application load, substantially limiting real-world exploitability despite the full C/I/A:H impact ratings. No public exploit code and no CISA KEV listing have been identified at time of analysis.
DLL hijacking in HCL Traveler for Microsoft Outlook (HTMO) permits a local, high-privileged attacker to replace or plant a malicious DLL in a directory searched by the application at load time, enabling arbitrary code execution within the HTMO process context. The CVSS vector (AV:L/AC:L/PR:H/UI:R) confirms the attack is constrained to local access with elevated privileges and requires a user to trigger application load, substantially limiting real-world exploitability despite the full C/I/A:H impact ratings. No public exploit code and no CISA KEV listing have been identified at time of analysis.