- Description
- HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execute arbitrary code.
- Source
- psirt@huawei.com
- NVD status
- Analyzed
CVSS 3.0
- Type
- Primary
- Base score
- 5.3
- Impact score
- 3.4
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-427
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:huawei:hisuite:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3AA3064-D83F-4E50-BD5F-8E36C216A240",
"versionEndIncluding": "9.1.0.300"
}
],
"operator": "OR"
}
]
}
]