Primary

Context

eMPIA Technology AVACAST DLL Hijacking Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A DLL hijacking vulnerability has been identified in AVACAST developed by eMPIA Technology. This vulnerability allows authenticated local attackers to place a malicious DLL in a specific directory. When the system loads the DLL, it can execute arbitrary code with system privileges. This issue affects AVACAST for Windows, version 5.10.10.43 and earlier.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code with system privileges, potentially allowing attackers to manipulate system functions or access sensitive information.

Remediation

Users are advised to update AVACAST to version 5.10.10.45 or later.

Added: Apr 28, 2026, 10:24 AM

Updated: Apr 28, 2026, 10:24 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.3

remediation

0.0

relevance

6.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

3.3

remediation

0.0

relevance

6.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

eMPIA Technology AVACAST DLL Hijacking Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating