Vulnerability Description
Untrusted search path vulnerability in ELECOM Camera Assistant 1.00 and QuickFileDealer Ver.1.2.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Elecom | Camera Assistant | 1.00 |
| Elecom | Quickfiledealer | <= 1.2.1 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN60263237/Third Party Advisory
- https://www.elecom.co.jp/news/security/20230214-01/PatchVendor Advisory
- https://jvn.jp/en/jp/JVN60263237/Third Party Advisory
- https://www.elecom.co.jp/news/security/20230214-01/PatchVendor Advisory
FAQ
What is CVE-2023-22368?
CVE-2023-22368 is a vulnerability with a CVSS score of 7.8 (HIGH). Untrusted search path vulnerability in ELECOM Camera Assistant 1.00 and QuickFileDealer Ver.1.2.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
How severe is CVE-2023-22368?
CVE-2023-22368 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-22368?
Check the references section above for vendor advisories and patch information. Affected products include: Elecom Camera Assistant, Elecom Quickfiledealer, Microsoft Windows.