HiSuite 10.1.0.500 Untrusted Search Path Vulnerability

Summary

Earlier than HiSuite 10.1.0.500 have a DLL hijacking vulnerability.

Credit:

The information has been provided by Eran Shimony

The original article can be found at:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-01-dllhijacking-en


Details

This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker’s choosing.

 

Vulnerable Systems:

HiSuite 10.1.0.500

 

CVE Information:

CVE-2020-9100

 

Disclosure Timeline:
Published Date:7/6/2020

Categories: FeaturedNews