ГлавнаяУязвимости → CVE-2025-10213
7.8высокая

CVE-2025-10213

Описание

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\<user>\AppData\Local\Microsoft\WindowsApps\' directory, which could lead to arbitrary code execution and persistence.

Затрагиваемое ПО
Updf Updf
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-updf