Rufus
Moderate fix1 remedy
cpe:2.3:a:rufus_project:rufus:*:*:*:*:*:*:*
Moderate fix1 remedy
- <= 4.6.2208
Rufus DLL Hijacking Vulnerability Allowing Privilege Escalation
Vulnerability
Patched
A DLL hijacking vulnerability has been identified in Rufus versions through 4.6.2208. This vulnerability allows an attacker to load and execute a malicious DLL with elevated privileges. The issue arises from the application's behavior of loading 'cfgmgr32.dll' from the same directory as the executable, a process that can be exploited by placing a malicious DLL in that location. Once injected, the DLL is automatically loaded, taking advantage of the higher privileges granted to Rufus at launch.
Impact
Exploitation of this vulnerability could lead to local privilege escalation, allowing an attacker to execute malicious code with elevated rights.
Reproduction
The vulnerability can be reproduced by placing a malicious 'cfgmgr32.dll' file in the same directory as the Rufus executable. When Rufus is launched, the application will automatically load the malicious DLL, exploiting the DLL hijacking vulnerability and executing the injected code with elevated privileges.
Remediation
Users are advised to upgrade to Rufus version 4.7 or later, which addresses this vulnerability.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
6.6impact
10.0exploitability
4.3remediation
7.7relevance
0.0threat
4.8urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.