First published: Wed Oct 11 2023(Updated: )
It is possible to sideload a compromised DLL during the installation at elevated privilege.
Credit: PSIRT@synaptics.com PSIRT@synaptics.com
Affected Software | Affected Version | How to fix |
---|---|---|
Synaptics Displaylink Usb Graphics | <11.2m0 | |
<11.2m0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-4936 is a vulnerability that allows for the sideloading of a compromised DLL during the installation process at elevated privilege.
CVE-2023-4936 has a severity rating of 7.8 (high).
CVE-2023-4936 affects the Synaptics Displaylink Usb Graphics software version 11.2m0 on Windows operating systems.
CVE-2023-4936 can be exploited by using malicious DLL files during the installation process to gain elevated privileges.
To fix CVE-2023-4936, it is recommended to update to a version of the Synaptics Displaylink Usb Graphics software that is not affected or apply any available patches or security updates.