CVE-2023-5012

Topaz OFD Protection Module Warsaw core.exe unquoted search path

CVSS 5.3 MEDIUMEPSS 0.2%CWE-428

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

16 Sep 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requirement. Upgrading to version 2.12.0.259 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-239853 was assigned to this vulnerability.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected products

Topaz · OFD

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://vuldb.com/?ctiid.239853 https://vuldb.com/?id.239853