CVE-2024-9491

Published Jan 24, 2025

Last updated a month ago

CVSS high 8.6

Overview

Description
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Configuration Wizard 2 installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.
Source
product-security@silabs.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.6
Impact score
6
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

product-security@silabs.com
CWE-427

Social media

Hype score
Not currently trending

  1. CVE-2024-9491 Privilege Escalation via DLL Hijacking in Configuration Wizard 2 Installer https://t.co/WpB0ZHnLr7

    @VulmonFeeds

    24 Jan 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-9491 DLL hijacking vulnerabilities, caused by an uncontrolled search path in Configuration Wizard 2 installer can lead to privilege escalation and arbitrary code execution w… https://t.co/SsFamsC3RB

    @CVEnew

    24 Jan 2025

    220 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. [CVE-2024-9491: HIGH] Unpatched DLL hijacking vulnerability in Configuration Wizard 2 installer can result in privilege escalation & code execution. #CybersecurityAlert#cybersecurity,#vulnerability https://t.co/VLfQGOdCfI https://t.co/qlw9ZZta13

    @CveFindCom

    24 Jan 2025

    28 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References