Arbitrary Code Execution Vulnerability in SKCertService 2.5.5 and Earlier
CVE-2018-5202 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
SKCertService 2.5.5 and earlier contains a vulnerability that could allow remote attacker to execute arbitrary code. This vulnerability exists due to the way .dll files are loaded by SKCertService. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.
Learn more about our User Device Pen Test.