What is the severity of CVE-2024-7326?

CVE-2024-7326 is classified as a critical vulnerability.

What components are affected by CVE-2024-7326?

CVE-2024-7326 affects the library RTL120.BPL in the BPL Handler component of IObit DualSafe Password Manager version 1.4.0.3.

How can I fix CVE-2024-7326?

To fix CVE-2024-7326, it is recommended to update IObit DualSafe Password Manager to a patched version.

What kind of attack can be launched due to CVE-2024-7326?

CVE-2024-7326 allows attackers to perform an uncontrolled search path manipulation.

Is there a workaround for CVE-2024-7326?

Currently, the most effective mitigation for CVE-2024-7326 is to ensure that you are using the latest version of the software.

Vulnerability/
CVE-2024-7326

high

8.5

CWE

427

EPSS

0.042%

31/7/2024

15/8/2024

CVE-2024-7326: IObit DualSafe Password Manager BPL RTL120.BPL uncontrolled search path

First published: Wed Jul 31 2024(Updated: )

A vulnerability classified as critical has been found in IObit DualSafe Password Manager 1.4.0.3. This affects an unknown part in the library RTL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The identifier VDB-273249 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Credit: cna@vuldb.com

Affected Software	Affected Version	How to fix
iTop DualSafe Password Manager & Digital Vault	=1.4.0.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-7326?
CVE-2024-7326 is classified as a critical vulnerability.
What components are affected by CVE-2024-7326?
CVE-2024-7326 affects the library RTL120.BPL in the BPL Handler component of IObit DualSafe Password Manager version 1.4.0.3.
How can I fix CVE-2024-7326?
To fix CVE-2024-7326, it is recommended to update IObit DualSafe Password Manager to a patched version.
What kind of attack can be launched due to CVE-2024-7326?
CVE-2024-7326 allows attackers to perform an uncontrolled search path manipulation.
Is there a workaround for CVE-2024-7326?
Currently, the most effective mitigation for CVE-2024-7326 is to ensure that you are using the latest version of the software.

agent/title
agent/weakness
agent/references
agent/type
agent/description
agent/first-publish-date
agent/severity
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/softwarecombine
collector/epss-latest
source/FIRST
agent/epss
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/itopvpn
canonical/itop dualsafe password manager & digital vault
version/itop dualsafe password manager & digital vault/1.4.0.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.