CVE-2018-5202
Summary
SKCertService 2.5.5 and earlier contains a vulnerability that could allow remote attacker to execute arbitrary code. This vulnerability exists due to the way .dll files are loaded by SKCertService. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
References
Advisory Timeline
- Published