2 matches found
CVE-2020-7360
CVE-2020-7360 is a local privilege-escalation via an Uncontrolled Search Path Element (CWE-427) in SmartControl. Affected: SmartControl 4.3.15 and earlier releases up to 2020-04-15. Attack involves placing a specially crafted DLL in the software search path to escalate privileges for an authentic...
CVE-2020-7360 Philips SmartControl DLL Hijacking
An Uncontrolled Search Path Element CWE-427 vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was...