Published: 26/01/2022 Updated: 02/02/2022
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

In ListCheck.exe in Acer Care Center 4.x prior to 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local malicious user to perform a DLL hijacking attack. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file on the targeted system. This file will execute when the vulnerable application launches. A successful exploit could allow the malicious user to execute arbitrary code on the targeted system with local administrator privileges.
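Detection logic for the behaviour described above, as an added example that is not part of the advisory or of Acer's software: it filters Sysmon ImageLoad (Event ID 7) records for DLLs that ListCheck.exe loaded from outside its own folder and the Windows system directories, or that carry no valid signature. The install path, DLL names and events are constructed placeholders, and the trusted-directory list is an assumption.

```python
from ntpath import basename, dirname, normcase

WATCHED_IMAGE = "listcheck.exe"  # executable named in the advisory
# Assumption: Windows is installed in C:\Windows; adjust for another %SystemRoot%.
TRUSTED_ROOTS = (r"C:\Windows\System32", r"C:\Windows\SysWOW64", r"C:\Windows\WinSxS")


def is_under(path, root):
    """True if path lies inside root; whole path components, case-insensitive."""
    return normcase(path).startswith(normcase(root).rstrip("\\") + "\\")


def suspicious_loads(events):
    """Return (ImageLoaded, reason) for DLL loads by the watched process that
    came from an unexpected directory or carry no valid signature."""
    findings = []
    for ev in events:
        if basename(ev["Image"]).lower() != WATCHED_IMAGE:
            continue
        dll = ev["ImageLoaded"]
        allowed = (dirname(ev["Image"]),) + TRUSTED_ROOTS
        if not any(is_under(dll, root) for root in allowed):
            findings.append((dll, "outside application and system directories"))
        elif ev.get("Signed") != "true" or ev.get("SignatureStatus") != "Valid":
            findings.append((dll, "no valid signature"))
    return findings


# Constructed sample events; every path and DLL name is a placeholder.
APP = r"C:\Program Files\ExampleVendor\CareCenter\ListCheck.exe"
OK = {"Signed": "true", "SignatureStatus": "Valid"}
BAD = {"Signed": "false", "SignatureStatus": "Unavailable"}
SAMPLE_EVENTS = [
    {"Image": APP, "ImageLoaded": r"C:\Windows\System32\kernel32.dll", **OK},
    {"Image": APP, "ImageLoaded": r"C:\Tools\bin\placeholder.dll", **BAD},
    # Shares a string prefix with System32 but is a different directory.
    {"Image": APP, "ImageLoaded": r"C:\Windows\System32Backup\placeholder.dll", **OK},
    {"Image": APP, "ImageLoaded": r"C:\Program Files\ExampleVendor\CareCenter\helper.dll", **BAD},
    {"Image": r"C:\Tools\Other.exe", "ImageLoaded": r"C:\Tools\bin\placeholder.dll", **BAD},
]

if __name__ == "__main__":
    for dll, reason in suspicious_loads(SAMPLE_EVENTS):
        print(f"{dll}: {reason}")
```

Each finding is a lead to triage rather than a verdict, since legitimate software also loads DLLs from other directories.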

Most Upvoted Vulmon Research Post

Acer ships most of the laptops it sells with a software suite called Care Center Service installed. In versions up to 4.00.3034 included, one of the suite’s programs is an executable named ListCheck.exe, which runs at logon with the highest privilege available and suffers from a phantom DLL hijacking. This can lead to a privilege escalation when an administrator logs in. Blogpost: https://aptw.tf/2022/01/20/acer-care-center-privesc.html

Vulnerable Product

acer care center