CVE-2023-2417

Summary

A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 12.60 is able to address this issue. It is recommended to upgrade the affected component. VDB-227714 is the identifier assigned to this vulnerability.

Affected Software

VendorProductVersion RangeStatus
ks-softAdvanced Host Monitor12.0affected
ks-softAdvanced Host Monitor12.1affected
ks-softAdvanced Host Monitor12.2affected
ks-softAdvanced Host Monitor12.3affected
ks-softAdvanced Host Monitor12.4affected
ks-softAdvanced Host Monitor12.5affected
ks-softAdvanced Host Monitor12.6affected
ks-softAdvanced Host Monitor12.7affected
ks-softAdvanced Host Monitor12.8affected
ks-softAdvanced Host Monitor12.9affected
ks-softAdvanced Host Monitor12.10affected
ks-softAdvanced Host Monitor12.11affected
ks-softAdvanced Host Monitor12.12affected
ks-softAdvanced Host Monitor12.13affected
ks-softAdvanced Host Monitor12.14affected
ks-softAdvanced Host Monitor12.15affected
ks-softAdvanced Host Monitor12.16affected
ks-softAdvanced Host Monitor12.17affected
ks-softAdvanced Host Monitor12.18affected
ks-softAdvanced Host Monitor12.19affected
ks-softAdvanced Host Monitor12.20affected
ks-softAdvanced Host Monitor12.21affected
ks-softAdvanced Host Monitor12.22affected
ks-softAdvanced Host Monitor12.23affected
ks-softAdvanced Host Monitor12.24affected
ks-softAdvanced Host Monitor12.25affected
ks-softAdvanced Host Monitor12.26affected
ks-softAdvanced Host Monitor12.27affected
ks-softAdvanced Host Monitor12.28affected
ks-softAdvanced Host Monitor12.29affected
ks-softAdvanced Host Monitor12.30affected
ks-softAdvanced Host Monitor12.31affected
ks-softAdvanced Host Monitor12.32affected
ks-softAdvanced Host Monitor12.33affected
ks-softAdvanced Host Monitor12.34affected
ks-softAdvanced Host Monitor12.35affected
ks-softAdvanced Host Monitor12.36affected
ks-softAdvanced Host Monitor12.37affected
ks-softAdvanced Host Monitor12.38affected
ks-softAdvanced Host Monitor12.39affected
ks-softAdvanced Host Monitor12.40affected
ks-softAdvanced Host Monitor12.41affected
ks-softAdvanced Host Monitor12.42affected
ks-softAdvanced Host Monitor12.43affected
ks-softAdvanced Host Monitor12.44affected
ks-softAdvanced Host Monitor12.45affected
ks-softAdvanced Host Monitor12.46affected
ks-softAdvanced Host Monitor12.47affected
ks-softAdvanced Host Monitor12.48affected
ks-softAdvanced Host Monitor12.49affected
ks-softAdvanced Host Monitor12.50affected
ks-softAdvanced Host Monitor12.51affected
ks-softAdvanced Host Monitor12.52affected
ks-softAdvanced Host Monitor12.53affected
ks-softAdvanced Host Monitor12.54affected
ks-softAdvanced Host Monitor12.55affected
ks-softAdvanced Host Monitor12.56affected

Weaknesses

  • CWE-428: CWE-428 Unquoted Search Path

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References