216.73.217.50

CVE-2024-7834

· Published 04/09/2024 13:15 · Modified 05/09/2024 17:52

Labels: CVE-2024-7834 2024-09-04CVE-2024-7834CWE-427a341c0d1-ebf7-493f-a84e-38cf86618674

Essential information

Published
04/09/2024 13:15
Modified
05/09/2024 17:52
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

A local privilege escalation is caused by Overwolf loading and executing certain dynamic link library files from a user-writeable folder in SYSTEM context on launch. This allows an attacker with unprivileged access to the system to run arbitrary code with SYSTEM privileges by placing a malicious .dll file in the respective location.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
a341c0d1-ebf7-493f-a84e-38cf86618674
NVD
View on NVD

Affected products (CPE)

ProductCPE
overwolf / overwolf cpe:2.3:a:overwolf:overwolf:*:*:*:*:*:*:*:*

References