CVE-2024-7325

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 31, 2024
Updated: Aug 1, 2024
CWE ID 427

Summary

CVE-2024-7325 is a critical vulnerability discovered in IObit Driver Booster 11.0.0.0. The issue lies within the library VCL120.BPL of the BPL Handler component, which allows for uncontrolled search paths. This means an attacker can manipulate the software to search beyond intended directories, potentially leading to unintended executions. Local access is necessary for exploitation, making this a risk for users who have the software installed on their machines. The identifier for this vulnerability is VDB-273248, and despite early disclosure, the vendor has not responded to efforts to address the issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • iObit Driver Booster

Affected Vendors

  • IObit