A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility (FUU) bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution.
Metrics
Affected Vendors & Products
References
History
Tue, 06 Aug 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-94 | |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: hp
Published: 2024-03-26T23:49:12.512Z
Updated: 2024-08-06T18:48:35.083Z
Reserved: 2024-03-05T22:45:36.860Z
Link: CVE-2024-2209

Updated: 2024-08-01T19:03:39.393Z

Status : Awaiting Analysis
Published: 2024-03-27T00:15:07.817
Modified: 2024-11-21T09:09:15.580
Link: CVE-2024-2209

No data.