Yandex Telemost

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2024-12168 HIGH PATCH This Week

DLL hijacking vulnerability in Yandex Telemost for Desktop versions before 2.7.0, where the application searches for dynamic libraries in untrusted paths, allowing local attackers with user-level privileges to execute arbitrary code through malicious DLL injection. The vulnerability has a high CVSS score of 7.8 and requires user interaction (running the application), but poses significant risk as DLL hijacking is a well-understood and commonly exploitable attack vector with publicly available proof-of-concept techniques.

Information Disclosure Yandex Telemost

NVD

CVSS 3.1

7.8

EPSS

0.0%

CVE-2024-12168

EPSS 0% CVSS 7.8

HIGH PATCH This Week

DLL hijacking vulnerability in Yandex Telemost for Desktop versions before 2.7.0, where the application searches for dynamic libraries in untrusted paths, allowing local attackers with user-level privileges to execute arbitrary code through malicious DLL injection. The vulnerability has a high CVSS score of 7.8 and requires user interaction (running the application), but poses significant risk as DLL hijacking is a well-understood and commonly exploitable attack vector with publicly available proof-of-concept techniques.

Information Disclosure Yandex Telemost

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy