CVE-2026-2998

Summary

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same directory as the program, thereby executing arbitrary code.

Affected Software

VendorProductVersion RangeStatus
eAI TechnologiesERP F20affected

Weaknesses

  • CWE-426: CWE-426 Untrusted Search Path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References