CVE-2017-7444

EUVD-2017-16468
In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
References
http://www.securityfocus.com/bid/97483
https://www.veritas.com/content/support/en_US/security/VTS17-001.html#Issue1
http://www.securityfocus.com/bid/97483
https://www.veritas.com/content/support/en_US/security/VTS17-001.html#Issue1