DLL Hijacking Vulnerability in Notepad++ Versions 8.4.1 and Earlier

DLL Hijacking Vulnerability in Notepad++ Versions 8.4.1 and Earlier

CVE-2022-32168 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.

Learn more about our Web Application Penetration Testing UK.