Shanghai Bairui Information Technology SunloginClient Uncontrolled Search Path Vulnerability in Process.dll

Vulnerability

A critical vulnerability exists in Shanghai Bairui Information Technology SunloginClient version 15.8.3.19819. The issue arises in the library process.dll, specifically within the file sunlogin_guard.exe, where an uncontrolled search path vulnerability has been introduced. This vulnerability requires local access to exploit and is characterized by a high complexity, making it difficult to execute. Although the vulnerability has been publicly disclosed and could potentially be exploited, the vendor has not responded to prior disclosure attempts.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution, allowing an attacker to execute malicious code with the privileges of the user running the SunloginClient.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Shanghai Bairui Information Technology SunloginClient Uncontrolled Search Path Vulnerability in Process.dll

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating