20 matches found
Exploit for Download of Code Without Integrity Check in Trueconf
🔓 CVE-2026-3502 - TrueConf Client Update Hijacking Exploit !...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-3502link is external TrueConf Client Download of Code Without Integrity Check Vulnerability This type of vulnerability is a frequent attack vector for...
TrueConf Client Download of Code Without Integrity Check Vulnerability
TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the...
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...
VulnCheck KEV: CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...
CVE-2026-3502 TrueConf Client Update Integrity Verification Bypass
TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...
CVE-2026-3502
TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...
CVE-2026-3502 TrueConf Client Update Integrity Verification Bypass
TrueConf Client downloads application update code and applies it without performing verification. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code...
CVE-2026-3502
The CVE-2026-3502 issue affects TrueConf Client where the update payload is downloaded and installed without integrity verification, allowing an attacker who controls the update path to substitute a tampered payload and potentially achieve arbitrary code execution in the updater process or user c...
TrueConf Client 安全漏洞
TrueConf Client is a video conferencing and collaboration software client developed by TrueConf Company in Lithuania. There is a security vulnerability in TrueConf Client, which stems from the lack of validation during the download of application update code. This vulnerability could allow...
CVE-2025-66835
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context...
EUVD-2025-205841
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context...
CVE-2025-66835
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context...
CVE-2025-66835
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context...
CVE-2025-66835
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context...
CVE-2025-66835
TrueConf Client 8.5.2 is vulnerable to DLL hijacking via crafted wfapi.dll allowing local attackers to execute arbitrary code within the user's context...
PT-2025-54213
Name of the Vulnerable Software and Affected Versions TrueConf Client version 8.5.2 Description The software is susceptible to a DLL hijacking issue. A crafted wfapi.dll file can be used by a local attacker to execute arbitrary code with the privileges of the user. The attack involves exploiting ...
CVE-2025-66835
CVE-2025-66835 affects TrueConf Client 8.5.2. The vulnerability is a DLL hijacking issue triggered by a crafted wfapi.dll, enabling a local attacker to execute arbitrary code within the user’s context. Impact is confined to the user’s privileges/context as described; no in-wild exploitation detai...
TrueConf Client 安全漏洞
TrueConf Client is a video conferencing and collaboration software client from TrueConf Lithuania. A security vulnerability exists in TrueConf Client version 8.5.2, which stems from vulnerability to DLL hijacking attacks via a specially crafted wfapi.dll, which could lead to the execution of...