DLL Injection Vulnerability in TIE Secure Relay Allows Unauthorized Configuration Override and Service Execution

DLL Injection Vulnerability in TIE Secure Relay Allows Unauthorized Configuration Override and Service Execution

CVE-2024-1683 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:L

A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services.

Learn more about our Web Application Penetration Testing UK.