CVE-2024-7325
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-7325 is a critical vulnerability discovered in IObit Driver Booster 11.0.0.0. The issue lies within the library VCL120.BPL of the BPL Handler component, which allows for uncontrolled search paths. This means an attacker can manipulate the software to search beyond intended directories, potentially leading to unintended executions. Local access is necessary for exploitation, making this a risk for users who have the software installed on their machines. The identifier for this vulnerability is VDB-273248, and despite early disclosure, the vendor has not responded to efforts to address the issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- iObit Driver Booster
Affected Vendors
- IObit