CVE-2024-45873
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk49th percentile - higher than 49% of all known CVEs
Summary
A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary code or maintain persistence by placing a crafted DLL file in the same directory as Yaazhini.exe.
Risk Assessment
The risk involves potential remote code execution by an attacker, which could lead to system compromise, data theft, or malware installation.
Recommendation
It is recommended to immediately update VegaBird Yaazhini to the latest version that fixes this vulnerability and avoid running the application from untrusted locations.
Original NVD description (English source)
A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Yaazhini.exe.

