CVE-2021-45975
First published: Wed Jan 26 2022(Updated: )
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the attacker to execute arbitrary code on the targeted system with local administrator privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Acer Care Center | >=4.0<4.00.3038 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2021-45975.
What is the severity of CVE-2021-45975?
The severity of CVE-2021-45975 is high with a CVSS score of 7.8.
What is the affected software?
The affected software is Acer Care Center version 4.x before 4.00.3038.
How does CVE-2021-45975 work?
CVE-2021-45975 is a DLL hijacking vulnerability in the loading mechanism of Windows DLLs in Acer Care Center. It allows a local attacker to perform a DLL hijacking attack by exploiting incorrect handling of directory search paths.
How can I fix CVE-2021-45975?
To fix CVE-2021-45975, you need to update Acer Care Center to version 4.00.3038 or later.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/acer
- canonical/acer care center
- version/acer care center/4.0