CVE-2017-7444

In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
References
http://www.securityfocus.com/bid/97483
https://www.veritas.com/content/support/en_US/security/VTS17-001.html#Issue1
http://www.securityfocus.com/bid/97483
https://www.veritas.com/content/support/en_US/security/VTS17-001.html#Issue1