2021-03-25 15:52:28
bosch
PUBLISHED
Loading a DLL through an Uncontrolled Search Path Element in the Bosch Configuration Manager installer up to and including version 7.21.0078 potentially allows an attacker to execute arbitrary code on a victims system. A prerequisite is that the victim is tricked into placing a malicious DLL in the same directory where the installer is started from.