CVE-2024-9492

8.6 HIGH

Published: January 24, 2025 Modified: April 15, 2026

Description

DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://community.silabs.com/068Vm00000JUQwd

Source: product-security@silabs.com

1 reference(s) from NVD

Quick Stats

CVSS v3 Score

8.6 / 10.0

EPSS (Exploit Probability)

0.1%

23th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-427

Related CVEs