CVE-2018-5457
CVE-2018-5457
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
06 Feb 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application.
Affected products
n/a · Vyaire Medical CareFusion Upgrade Utility VulnerabilityWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →