CVE-2024-7325: IObit Driver Booster BPL VCL120.BPL uncontrolled search path
First published: Wed Jul 31 2024(Updated: )
A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The identifier of this vulnerability is VDB-273248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IObit Driver Booster | =11.0.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-7325?
CVE-2024-7325 has been rated as critical due to its potential impact.
How do I fix CVE-2024-7325?
To fix CVE-2024-7325, update IObit Driver Booster to the latest version available.
What component is affected by CVE-2024-7325?
CVE-2024-7325 affects the VCL120.BPL library within the BPL Handler component.
Can CVE-2024-7325 be exploited remotely?
CVE-2024-7325 requires local access for exploitation.
What kind of vulnerability is CVE-2024-7325 related to?
CVE-2024-7325 is related to uncontrolled search path manipulation.
- agent/weakness
- agent/title
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/severity
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- agent/event
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/source
- vendor/iobit
- canonical/iobit driver booster
- version/iobit driver booster/11.0.0.0