Overview
- Description
- An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.
- Source
- arm-security@arm.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arm:arm_development_studio:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "241064F9-9B76-41FA-A8B5-4FBCDE51BAD2"
},
{
"criteria": "cpe:2.3:a:arm:ds_development_studio:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30B049E4-59A7-47D8-A491-D947C4AAD4AC",
"versionEndIncluding": "5.29.3",
"versionStartIncluding": "5.0.0"
}
],
"operator": "OR"
}
]
}
]