DLL Hijack Vulnerability in ShowMyPC 3606 on Windows

DLL Hijack Vulnerability in ShowMyPC 3606 on Windows

CVE-2021-42923 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\ShowMyPC\-ShowMyPC3606\wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as administrator.

Learn more about our User Device Pen Test.