CVE-2023-22368
First published: Wed Feb 15 2023(Updated: )
Untrusted search path vulnerability in ELECOM Camera Assistant 1.00 and QuickFileDealer Ver.1.2.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ELECOM Camera Assistant | =1.00 | |
| Elecom Quickfiledealer | <=1.2.1 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-22368.
What is the severity of CVE-2023-22368?
The severity of CVE-2023-22368 is high with a CVSS score of 7.8.
How does the vulnerability in ELECOM Camera Assistant and QuickFileDealer occur?
The vulnerability occurs due to an untrusted search path, allowing an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Which versions of ELECOM Camera Assistant are affected by this vulnerability?
The vulnerability affects ELECOM Camera Assistant version 1.00.
Which versions of QuickFileDealer are affected by this vulnerability?
The vulnerability affects QuickFileDealer version 1.2.1 and earlier.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/elecom
- canonical/elecom camera assistant
- version/elecom camera assistant/1.00
- canonical/elecom quickfiledealer
- version/elecom quickfiledealer/1.2.1
- vendor/microsoft
- canonical/microsoft windows