Primary

Context

libretro RetroArch Untrusted Search Path Vulnerability in profapi.dll Component

Vulnerability

A vulnerability allowing for code injection via an untrusted search path has been identified in libretro RetroArch versions through 1.19.1 on Windows. The issue arises in the Startup component, specifically within the profapi.dll library. During startup, the application loads DLL files from the local installation folder, creating an opportunity to inject code into a manipulated profapi.dll file. This could potentially lead to remote code execution through DLL injection.

Impact

Exploitation of this vulnerability could allow for code execution on the affected system, with the injected code running in the context of the user.

Reproduction

To reproduce this vulnerability, place a malicious DLL file named 'profapi.dll' in the RetroArch installation directory. When RetroArch is launched, it will load the injected DLL, allowing the execution of arbitrary code.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

10.0

exploitability

6.0

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

10.0

exploitability

6.0

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

libretro RetroArch Untrusted Search Path Vulnerability in profapi.dll Component

Vulnerability

Impact

Reproduction

Affected Products

libretro RetroArch

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating