Blizzard Battle.Net Uncontrolled Search Path Vulnerability in profapi.dll

Vulnerability

A critical vulnerability has been identified in Blizzard Battle.Net versions prior to 2.39.0.15212 on Windows. The issue arises from an unknown functionality in the library profapi.dll, leading to an uncontrolled search path. This vulnerability requires local exploitation, and while the attack complexity is high, the vendor has assessed the risk level as low.

Impact

Exploitation of this vulnerability could lead to a local privilege escalation, allowing an attacker to execute code with elevated rights.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

10.0

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

10.0

exploitability

3.3

remediation

Blizzard Battle.Net Uncontrolled Search Path Vulnerability in profapi.dll

Vulnerability

Impact

Affected Products

Blizzard Battle.Net

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating