Description:
CVE-2022-31467: Quick Heal Total Security before 12.1.1.27 allows DLL hijacking during installation.
Details:
A DLL hijacking vulnerability was reported in Quick Heal Total Security versions prior to 12.1.1.27 that could allow the execution of arbitrary code during the installation of Quick Heal Total Security.
CVSS Score: 7.9 High
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H/E:P/RL:U/RC:R
Security Impact:
The vulnerability could be abused to load an arbitrary DLL and carry out malicious activity, such as creating a backdoor.
Technical Root Cause of the Vulnerability:
1. Loading of a DLL by the installer process from an unprotected
2. Loading a DLL without performing an integrity check or signature check
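A defender can check for both root causes before launching any installer. The PowerShell below is an added example, not code from Quick Heal or from this advisory. It assumes that "unprotected" means a folder where principals other than administrators can create files, and the installer path and the `Test-InstallerDirectory` name are constructed placeholders.

```powershell
# Added example: pre-run audit of the folder an installer is launched from.
function Test-InstallerDirectory {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$InstallerPath)

    $dir = Split-Path -Parent (Resolve-Path -LiteralPath $InstallerPath).Path

    # Root cause 1: can anyone other than an administrative principal create
    # files in this folder? Assumption: English account names; adjust the
    # list on localized systems.
    $trusted = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators',
               'NT SERVICE\TrustedInstaller'
    $create  = [System.Security.AccessControl.FileSystemRights]::CreateFiles
    $weakAces = (Get-Acl -LiteralPath $dir).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $trusted -notcontains $_.IdentityReference.Value -and
        ($_.FileSystemRights -band $create) -ne 0
    }
    foreach ($ace in $weakAces) {
        [pscustomobject]@{
            Check  = 'DirectoryWritable'
            Item   = $dir
            Detail = "$($ace.IdentityReference) has $($ace.FileSystemRights)"
        }
    }

    # Root cause 2: DLLs sitting beside the installer that fail Authenticode
    # validation (unsigned, tampered, or untrusted signer).
    Get-ChildItem -LiteralPath $dir -Filter *.dll -File | ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        if ($sig.Status -ne 'Valid') {
            [pscustomobject]@{
                Check  = 'UnsignedOrInvalidDll'
                Item   = $_.FullName
                Detail = "Signature status: $($sig.Status)"
            }
        }
    }
}

# Constructed path; replace with the real installer location.
Test-InstallerDirectory -InstallerPath "$env:USERPROFILE\Downloads\installer.exe" |
    Format-Table -AutoSize -Wrap
```

An empty result means neither condition was found in that folder. A DLL with a valid signature from a publisher other than the installer's vendor still deserves a manual look.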
Date of Publication: May 23rd, 2022
Remediation:
Quick Heal Total Security users are recommended to upgrade to v12.1.1.27 and above.
Vulnerability Reporter: Sandeep Kumar Singh