CVE-2024-45874
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk49th percentile - higher than 49% of all known CVEs
Summary
A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code or maintain persistence by placing a crafted DLL file in the same directory as Vooki.exe.
Risk Assessment
The risk involves potential arbitrary code execution by an attacker, which could lead to system compromise, data theft, or malware installation.
Recommendation
It is recommended to immediately update VegaBird Vooki to the latest version and avoid running Vooki.exe from directories accessible to unauthorized users.
Original NVD description (English source)
A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Vooki.exe.

