CVE Catalog

CVE-2024-45874

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.71%

49th percentile - higher than 49% of all known CVEs

Summary

A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code or maintain persistence by placing a crafted DLL file in the same directory as Vooki.exe.

Risk Assessment

The risk involves potential arbitrary code execution by an attacker, which could lead to system compromise, data theft, or malware installation.

Recommendation

It is recommended to immediately update VegaBird Vooki to the latest version and avoid running Vooki.exe from directories accessible to unauthorized users.

Original NVD description (English source)

A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Vooki.exe.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS