{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-42048", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-08-29T19:35:04.557Z", "dateReserved": "2024-07-28T00:00:00.000Z", "datePublished": "2025-08-07T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-08-29T19:35:04.557Z"}, "descriptions": [{"lang": "en", "value": "OpenOrange Business Framework version 1.15.5 installs to a directory with overly permissive access control, allowing all authenticated users to write to the installation path. In combination with the application's behavior of loading DLLs from this location, this allows for DLL hijacking and may result in arbitrary code execution and privilege escalation."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://docs.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-search-order"}, {"url": "https://support.microsoft.com/en-us/topic/secure-loading-of-libraries-to-prevent-dll-preloading-attacks-d41303ec-0748-9211-f317-2edc819682e1"}, {"url": "https://resources.infosecinstitute.com/topic/dll-hijacking"}, {"url": "https://attack.mitre.org/techniques/T1574/001"}, {"url": "https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibrarya"}, {"url": "https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibraryexa"}, {"url": "https://www.openorange.com"}, {"url": "https://landings.openorange.com/l/erp-peru-a.html"}, {"url": "https://raw.githubusercontent.com/securityadvisories/Security-Advisories/refs/heads/main/Advisories/Blaze%20Information%20Security%20-%20DLL%20Hijacking%20in%20OpenOrange%20Business%20Framework%20Allows%20Arbitrary%20Code%20Execution%20and%20Potential%20Privilege%20Escalation.txt"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-08-07T20:34:46.487465Z", "id": "CVE-2024-42048", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-07T20:35:18.917Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-42048", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-07T20:34:46.487465Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-07T20:35:14.821Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://docs.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-search-order"}, {"url": "https://support.microsoft.com/en-us/topic/secure-loading-of-libraries-to-prevent-dll-preloading-attacks-d41303ec-0748-9211-f317-2edc819682e1"}, {"url": "https://resources.infosecinstitute.com/topic/dll-hijacking"}, {"url": "https://attack.mitre.org/techniques/T1574/001"}, {"url": "https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibrarya"}, {"url": "https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibraryexa"}, {"url": "https://www.openorange.com"}, {"url": "https://landings.openorange.com/l/erp-peru-a.html"}, {"url": "https://raw.githubusercontent.com/securityadvisories/Security-Advisories/refs/heads/main/Advisories/Blaze%20Information%20Security%20-%20DLL%20Hijacking%20in%20OpenOrange%20Business%20Framework%20Allows%20Arbitrary%20Code%20Execution%20and%20Potential%20Privilege%20Escalation.txt"}], "descriptions": [{"lang": "en", "value": "OpenOrange Business Framework version 1.15.5 installs to a directory with overly permissive access control, allowing all authenticated users to write to the installation path. In combination with the application's behavior of loading DLLs from this location, this allows for DLL hijacking and may result in arbitrary code execution and privilege escalation."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-08-29T19:35:04.557Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42048", "state": "PUBLISHED", "dateUpdated": "2025-08-29T19:35:04.557Z", "dateReserved": "2024-07-28T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-08-07T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenOrange Business Framework version 1.15.5 installs to a directory with overly permissive access control, allowing all authenticated users to write to the installation path. In combination with the application's behavior of loading DLLs from this location, this allows for DLL hijacking and may result in arbitrary code execution and privilege escalation."}, {"lang": "es", "value": "OpenOrange Business Framework 1.15.5 proporciona a los usuarios sin privilegios acceso de escritura al directorio de instalaci\u00f3n."}], "id": "CVE-2024-42048", "lastModified": "2025-08-29T20:15:34.227", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-08-07T17:15:27.060", "references": [{"source": "cve@mitre.org", "url": "https://attack.mitre.org/techniques/T1574/001"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibrarya"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibraryexa"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-search-order"}, {"source": "cve@mitre.org", "url": "https://landings.openorange.com/l/erp-peru-a.html"}, {"source": "cve@mitre.org", "url": "https://raw.githubusercontent.com/securityadvisories/Security-Advisories/refs/heads/main/Advisories/Blaze%20Information%20Security%20-%20DLL%20Hijacking%20in%20OpenOrange%20Business%20Framework%20Allows%20Arbitrary%20Code%20Execution%20and%20Potential%20Privilege%20Escalation.txt"}, {"source": "cve@mitre.org", "url": "https://resources.infosecinstitute.com/topic/dll-hijacking"}, {"source": "cve@mitre.org", "url": "https://support.microsoft.com/en-us/topic/secure-loading-of-libraries-to-prevent-dll-preloading-attacks-d41303ec-0748-9211-f317-2edc819682e1"}, {"source": "cve@mitre.org", "url": "https://www.openorange.com"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}