CVE-2024-7834

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-427
View all →

Vulnerability Description

A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious .dll file in the respective location.

Related Vulnerabilities

CVE-2013-0725

HIGH
CVSS:7.8(High)

ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities

CWE-4272013

CVE-2014-8393

HIGH
CVSS:7.8(High)

DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.

CWE-4272014

CVE-2016-5311

HIGH
CVSS:7.8(High)

A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Pro...

CWE-4272016

CVE-2016-6592

HIGH
CVSS:7.8(High)

A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the...

CWE-4272016

CVE-2017-1000010

HIGH
CVSS:7.8(High)

Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution.

CWE-4272017

CVE-2017-11158

HIGH
CVSS:7.8(High)

Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking a...

CWE-4272017