CVE-2023-4936

It is possible to sideload a compromised DLL during the installation at elevated privilege.
Configurations

Configuration 1 (hide)

cpe:2.3:a:synaptics:displaylink_usb_graphics:*:*:*:*:*:windows:*:*

History

17 Oct 2023, 17:10

Type Values Removed Values Added
First Time Synaptics
Synaptics displaylink Usb Graphics
CPE cpe:2.3:a:synaptics:displaylink_usb_graphics:*:*:*:*:*:windows:*:*
References (MISC) https://www.synaptics.com/products/displaylink-graphics/downloads/windows - (MISC) https://www.synaptics.com/products/displaylink-graphics/downloads/windows - Product
References (MISC) https://www.synaptics.com/sites/default/files/nr-154525-tc-synaptics_displaylink_windows_driver_security_brief_-_oct2023.pdf - (MISC) https://www.synaptics.com/sites/default/files/nr-154525-tc-synaptics_displaylink_windows_driver_security_brief_-_oct2023.pdf - Vendor Advisory
References (MISC) https://www.synaptics.com/ - (MISC) https://www.synaptics.com/ - Product
CWE CWE-427
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8

11 Oct 2023, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-11 17:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-4936

Mitre link : CVE-2023-4936

CVE.ORG link : CVE-2023-4936


JSON object : View

Products Affected

synaptics

  • displaylink_usb_graphics
CWE
CWE-427

Uncontrolled Search Path Element

CWE-269

Improper Privilege Management