← volver
CVE-2025-0567

Epic Games Launcher Installer profapi.dll untrusted search path

CVSS 2 LOWEPSS 0.2%CWE-426
Vexday Risk Score
8Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 2EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
19 ene 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1. This vulnerability affects unknown code in the library profapi.dll of the component Installer. The manipulation leads to untrusted search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation appears to be difficult.
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Productos afectados
Epic Games · Launcher

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://vuldb.com/?ctiid.292528https://vuldb.com/?id.292528https://vuldb.com/?submit.481104