CVE-2018-20211
NONE EPSS 68.7%
Published: Jan 2, 2019
Last Modified: Jun 17, 2026
Description
ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 (9.x was released starting in 2012, and 10.x was released starting in 2015).
Threat Intelligence
EPSS Exploit Probability
68.7% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-427
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| exiftool_project | exiftool | 8.32 | any |
References 2
- packetstormsecurity.com http://packetstormsecurity.com/files/150892/Exiftool-8.3.2.0-DLL-Hijacking.html
- seclists.org http://seclists.org/fulldisclosure/2018/Dec/44
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.