CVE-2023-6235

Summary

An uncontrolled search path element vulnerability has been found in the Duet Display product, affecting version 2.5.9.1. An attacker could place an arbitrary libusk.dll file in the C:\Users\user\AppData\Local\Microsoft\WindowsApps\ directory, which could lead to the execution and persistence of arbitrary code.

Affected Software

VendorProductVersion RangeStatus
Duet DisplayDuet Display for Windows 10+2.5.9.1affected

Weaknesses

  • CWE-427: CWE-427 Uncontrolled Search Path Element

ADP Enrichment

CVE Program Container

Additional References

References