CWE-427
Uncontrolled Search Path Element
Description
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-38 · CAPEC-471
CVEs mapped to this weakness (377)
page 11 of 19| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-0712 | Hig | 0.46 | 7.0 | 0.00 | Jul 30, 2025 | An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete… | ||
| CVE-2025-1700 | Hig | 0.46 | 7.0 | 0.00 | Jul 17, 2025 | A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a local attacker to escalate privileges during installation of the software. | ||
| CVE-2025-2272 | Hig | 0.46 | 7.0 | 0.00 | May 22, 2025 | Uncontrolled Search Path Element vulnerability in Forcepoint FIE Endpoint allows Privilege Escalation, Code Injection, Hijacking a privileged process.This issue affects FIE Endpoint: before 25.05. | ||
| CVE-2025-4769 | Hig | 0.46 | 7.0 | 0.00 | May 16, 2025 | A vulnerability classified as critical was found in CBEWIN Anytxt Searcher 1.3.1128.0. This vulnerability affects unknown code of the file ATService.exe. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is… | ||
| CVE-2025-4532 | Hig | 0.46 | 7.0 | 0.00 | May 11, 2025 | A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunlogin_guard.exe. The manipulation leads to uncontrolled search path. Local access… | ||
| CVE-2025-4455 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2025 | A vulnerability was found in Patch My PC Home Updater up to 5.1.3.0. It has been rated as critical. This issue affects some unknown processing in the library advapi32.dll/BCrypt.dll/comctl32.dll/crypt32.dll/dwmapi.dll/gdi32.dll/gdiplus.dll/imm32.dll/iphlpapi.dll/kernel32.dll/mscm… | ||
| CVE-2025-4272 | Hig | 0.46 | 7.0 | 0.00 | May 5, 2025 | A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\Program Files\OEM\MECHREVO Control Center\UniwillService\MyControlCenter\csCAPI.dll of the component GCUService.… | ||
| CVE-2024-12530 | Hig | 0.46 | — | 0.00 | Apr 17, 2025 | Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4. End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the… | ||
| CVE-2025-1804 | Hig | 0.46 | 7.0 | 0.00 | Mar 1, 2025 | A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached… | ||
| CVE-2024-1182 | Hig | 0.46 | 7.0 | 0.00 | Jul 4, 2024 | Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric MC Works64 all versions,… | ||
| CVE-2024-39708 | Hig | 0.46 | 7.0 | 0.00 | Jun 28, 2024 | An issue was discovered in the Agent in Delinea Privilege Manager (formerly Thycotic Privilege Manager) before 12.0.1096 on Windows. Sometimes, a non-administrator user can copy a crafted DLL file to a temporary directory (used by .NET Shadow Copies) such that privilege… | ||
| CVE-2024-0980 | Hig | 0.46 | 7.1 | 0.00 | Mar 28, 2024 | The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code. | ||
| CVE-2018-5457 | Hig | 0.46 | 7.0 | 0.00 | Feb 6, 2018 | A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target… | ||
| CVE-2017-9661 | Hig | 0.46 | 7.0 | 0.01 | Aug 14, 2017 | An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to place a malicious DLL file within the search path resulting in… | ||
| CVE-2017-5176 | Hig | 0.46 | 7.0 | 0.01 | May 19, 2017 | A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE,… | ||
| CVE-2017-6051 | Hig | 0.46 | 7.0 | 0.01 | May 8, 2017 | An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to run a malicious DLL file within the search path resulting in… | ||
| CVE-2024-6769 | Med | 0.45 | 6.7 | 0.01 | Sep 26, 2024 | A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process… | ||
| CVE-2024-22451 | Med | 0.44 | 6.7 | 0.00 | Jun 16, 2026 | Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution. | ||
| CVE-2024-22447 | Med | 0.44 | 6.7 | 0.00 | Jun 16, 2026 | Dell Peripheral Manager, versions prior to 1.7.3, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious dll., leading to arbitrary code execution. | ||
| CVE-2026-53813 | Hig | 0.44 | 7.8 | 0.00 | Jun 11, 2026 | OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations,… |
- risk 0.46cvss 7.0epss 0.00
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete…
- risk 0.46cvss 7.0epss 0.00
A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a local attacker to escalate privileges during installation of the software.
- risk 0.46cvss 7.0epss 0.00
Uncontrolled Search Path Element vulnerability in Forcepoint FIE Endpoint allows Privilege Escalation, Code Injection, Hijacking a privileged process.This issue affects FIE Endpoint: before 25.05.
- risk 0.46cvss 7.0epss 0.00
A vulnerability classified as critical was found in CBEWIN Anytxt Searcher 1.3.1128.0. This vulnerability affects unknown code of the file ATService.exe. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is…
- risk 0.46cvss 7.0epss 0.00
A vulnerability classified as critical has been found in Shanghai Bairui Information Technology SunloginClient 15.8.3.19819. This affects an unknown part in the library process.dll of the file sunlogin_guard.exe. The manipulation leads to uncontrolled search path. Local access…
- risk 0.46cvss 7.0epss 0.00
A vulnerability was found in Patch My PC Home Updater up to 5.1.3.0. It has been rated as critical. This issue affects some unknown processing in the library advapi32.dll/BCrypt.dll/comctl32.dll/crypt32.dll/dwmapi.dll/gdi32.dll/gdiplus.dll/imm32.dll/iphlpapi.dll/kernel32.dll/mscm…
- risk 0.46cvss 7.0epss 0.00
A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the library C:\Program Files\OEM\MECHREVO Control Center\UniwillService\MyControlCenter\csCAPI.dll of the component GCUService.…
- risk 0.46cvss —epss 0.00
Uncontrolled Search Path Element vulnerability in OpenText Secure Content Manager on Windows allows DLL Side-Loading.This issue affects Secure Content Manager: 23.4. End-users can potentially exploit the vulnerability to execute malicious code in the trusted context of the…
- risk 0.46cvss 7.0epss 0.00
A vulnerability was found in Blizzard Battle.Net up to 2.39.0.15212 on Windows and classified as critical. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached…
- risk 0.46cvss 7.0epss 0.00
Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric MC Works64 all versions,…
- risk 0.46cvss 7.0epss 0.00
An issue was discovered in the Agent in Delinea Privilege Manager (formerly Thycotic Privilege Manager) before 12.0.1096 on Windows. Sometimes, a non-administrator user can copy a crafted DLL file to a temporary directory (used by .NET Shadow Copies) such that privilege…
- risk 0.46cvss 7.1epss 0.00
The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code.
- risk 0.46cvss 7.0epss 0.00
A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target…
- risk 0.46cvss 7.0epss 0.01
An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to place a malicious DLL file within the search path resulting in…
- risk 0.46cvss 7.0epss 0.01
A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). The following versions are affected: Connected Components Workbench - Developer Edition, v9.01.00 and earlier: 9328-CCWDEVENE, 9328-CCWDEVZHE, 9328-CCWDEVFRE, 9328-CCWDEVITE,…
- risk 0.46cvss 7.0epss 0.01
An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may allow an attacker to run a malicious DLL file within the search path resulting in…
- risk 0.45cvss 6.7epss 0.01
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process…
- risk 0.44cvss 6.7epss 0.00
Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious executable, leading to arbitrary code execution.
- risk 0.44cvss 6.7epss 0.00
Dell Peripheral Manager, versions prior to 1.7.3, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious dll., leading to arbitrary code execution.
- risk 0.44cvss 7.8epss 0.00
OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations,…