CVE-2018-5457
https://notcve.org/view.php?id=CVE-2018-5457
A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application. Se ha descubierto un problema de elemento de ruta de búsqueda no controlado en Vyaire Medical CareFusion Upgrade Utility, empleado en sistemas Windows XP, en versiones 2.0.2.2 y anteriores. Una explotación con éxito de esta vulnerabilidad requiere que el usuario local instale un DLL malicioso en la máquina objetivo. • http://www.securityfocus.com/bid/102983 https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-01 • CWE-427: Uncontrolled Search Path Element •