CVE Catalog

CVE-2024-45873

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.71%

49th percentile - higher than 49% of all known CVEs

Summary

A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary code or maintain persistence by placing a crafted DLL file in the same directory as Yaazhini.exe.

Risk Assessment

The risk involves potential remote code execution by an attacker, which could lead to system compromise, data theft, or malware installation.

Recommendation

It is recommended to immediately update VegaBird Yaazhini to the latest version that fixes this vulnerability and avoid running the application from untrusted locations.

Original NVD description (English source)

A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Yaazhini.exe.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS