Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-43950

DPMAdirektPro 4.1.5 is vulnerable to DLL Hijacking. It happens by placing a malicious DLL in a directory (in the absence of a legitimate DLL), which is then loaded by the application instead of the legitimate DLL. This causes the malicious DLL to load with the same privileges as the application, thus causing a privilege escalation.

Published

2025-04-22T18:16:01.517

Last Modified

2025-04-23T14:15:29.930

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-427

Affected Vendors & Products

References

https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43950 ([email protected])
https://www.dpma.de/english/services/efiling/dpmadirekt/downloads/index.html ([email protected])