CWE-427
Uncontrolled Search Path Element
BaseDraft
Description
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-38 · CAPEC-471
CVEs mapped to this weakness (303)
page 5 of 16| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-26859 | Hig | 0.51 | 7.8 | 0.00 | Oct 15, 2025 | RemoteView PC Application Console versions prior to 6.0.2 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution. | |
| CVE-2025-57781 | Hig | 0.51 | 7.8 | 0.00 | Oct 6, 2025 | The installers of DENSO TEN drive recorder viewer contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer. | |
| CVE-2025-11223 | Hig | 0.51 | 7.8 | 0.00 | Oct 3, 2025 | Installer of Panasonic AutoDownloader version 1.2.8 contains an issue with the DLL search path, which may lead to loading a crafted DLL file in the same directory. | |
| CVE-2025-57624 | Hig | 0.51 | 7.8 | 0.00 | Sep 16, 2025 | A DLL hijacking vulnerability in CYRISMA Agent before 444 allows local users to escalate privileges and execute arbitrary code via multiple DLLs. | |
| CVE-2025-9201 | Hig | 0.51 | 7.8 | 0.00 | Sep 11, 2025 | A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges. | |
| CVE-2025-30033 | Hig | 0.51 | 7.8 | 0.00 | Aug 12, 2025 | The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component. | |
| CVE-2025-43950 | Hig | 0.51 | 7.8 | 0.00 | Apr 22, 2025 | DPMAdirektPro 4.1.5 is vulnerable to DLL Hijacking. It happens by placing a malicious DLL in a directory (in the absence of a legitimate DLL), which is then loaded by the application instead of the legitimate DLL. This causes the malicious DLL to load with the same privileges as the application, thus causing a privilege escalation. | |
| CVE-2024-48091 | Hig | 0.51 | 7.8 | 0.00 | Feb 7, 2025 | Tally Prime Edit Log v2.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL. | |
| CVE-2024-53588 | Hig | 0.51 | 7.8 | 0.00 | Jan 23, 2025 | A DLL hijacking vulnerability in iTop VPN v16.0 allows attackers to execute arbitrary code via placing a crafted DLL file into the path \ProgramData\iTop VPN\Downloader\vpn6. | |
| CVE-2025-0069 | Hig | 0.51 | 7.8 | 0.00 | Jan 14, 2025 | Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active directory of a company. This leads to high impact on confidentiality, integrity and availability of the Windows server. | |
| CVE-2024-9852 | Hig | 0.51 | 7.8 | 0.00 | Nov 28, 2024 | Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products. | |
| CVE-2024-8299 | Hig | 0.51 | 7.8 | 0.00 | Nov 28, 2024 | Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions 10.97.3 and prior, Mitsubishi Electric GENESIS32 all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric Iconics Digital Solutions Hyper Historian versions 10.97.3 and prior, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or to cause a denial of service (DoS) condition on the products. | |
| CVE-2024-10068 | Hig | 0.51 | 7.8 | 0.00 | Oct 17, 2024 | A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
| CVE-2024-33582 | Hig | 0.51 | 7.8 | 0.00 | Oct 11, 2024 | A DLL hijack vulnerability was reported in Lenovo Service Framework that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-33581 | Hig | 0.51 | 7.8 | 0.00 | Oct 11, 2024 | A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-33580 | Hig | 0.51 | 7.8 | 0.00 | Oct 11, 2024 | A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-33579 | Hig | 0.51 | 7.8 | 0.00 | Oct 11, 2024 | A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-33578 | Hig | 0.51 | 7.8 | 0.00 | Oct 11, 2024 | A DLL hijack vulnerability was reported in Lenovo Leyun that could allow a local attacker to execute code with elevated privileges. | |
| CVE-2024-7886 | Hig | 0.51 | 7.8 | 0.00 | Aug 16, 2024 | A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real existence of this vulnerability is still doubted at the moment. The vendor explains that a system must be breached before exploiting this issue. They are not planning on making any changes to address it. | |
| CVE-2024-7324 | Hig | 0.51 | 7.8 | 0.00 | Jul 31, 2024 | A vulnerability was found in IObit iTop Data Recovery Pro 4.4.0.687. It has been declared as critical. Affected by this vulnerability is an unknown functionality in the library madbasic_.bpl of the component BPL Handler. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The associated identifier of this vulnerability is VDB-273247. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |