CVE-2024-9490

CVE-2024-9490 is a DLL hijacking vulnerability stemming from an uncontrolled search path in the Silicon Labs (8-bit) IDE installer. This flaw, classified under CWE-427, enables privilege escalation and arbitrary code execution when the affected installer is executed. It received a CVSS v3.1 base score of 8.6 (AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H), highlighting its high severity due to local attack vector, low complexity, no required privileges, and user interaction via running the installer, with a scope change amplifying impacts on confidentiality, integrity, and availability.

A local attacker can exploit this vulnerability by placing a malicious DLL in a directory included in the installer's search path, which the application checks before secure locations. No special privileges are needed beforehand, but the target user must initiate the installer execution, making social engineering or user error a common trigger. Successful exploitation allows the attacker to elevate privileges and run arbitrary code in the context of the installer process, potentially compromising the system.

For mitigation details, refer to the Silicon Labs community advisory at https://community.silabs.com/068Vm00000JUQwd.