QwikSec

Security Database

CVE

CWE

Training

CVE-2023-49114

Published: Feb 26, 2024

Modified: Feb 13, 2025

PUBLISHED

Description

A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met.

Vendor	Product	Versions
Qognify	VMS Client Viewer	affected `>=7.1`

Weaknesses (CWE)

References

https://r.sec-consult.com/qognify

third-party-advisory

http://seclists.org/fulldisclosure/2024/Mar/10

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.