CPE Details
Cisco Packet Tracer 8.0
8.0
2021-08-09
16h32 +00:00
16h32 +00:00
2021-08-27
11h05 +00:00
11h05 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:cisco:packet_tracer:8.0:*:*:*:*:*:*:*
Informations
Vendor
ciscoProduct
packet_tracerVersion
8.0Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path on the system, which can cause a malicious DLL file to be loaded when the application starts. A successful exploit could allow an attacker with normal user privileges to execute arbitrary code on the affected system with the privileges of another user’s account. | 7.3 |
High |
||
| An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafted DLL has been placed by an attacker. The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. An attacker would need valid user credentials to exploit this vulnerability. | 6.7 |
Medium |
2025©
tesweb SA
