Vulnerability Details CVE-2023-22818
Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for
Windows that could allow attackers with local access to execute arbitrary code by executing the installer
in the same folder as the malicious DLL. This can lead to the execution of arbitrary
code with the privileges of the vulnerable application or obtain a certain level of persistence
on the compromised host.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.8%
CVSS Severity
CVSS v3 Score 7.3
References
Products affected by CVE-2023-22818
-
cpe:2.3:a:westerndigital:sandisk_security_installer:-