Authored by Christian Bortone

Soft-o Free Password Manager version 1.1.20 suffers from a dll hijacking vulnerability.

advisories | CVE-2023-25428

# Title:

Soft-o Free Password Manager 1.1.20 DLL hijacking

# Credit:

Christian Bortone

# CVE:

CVE-2023-25428

# Date:

08/05/2023 (dd/mm/yyyy)

# Details:

PMHook.dll is vulnerable to DLL hijacking attacks. An attacker can launch a DLL hijacking attack by placing a malicious DLL named PMHook.dll in the target system directory and exploiting vulnerabilities in the DLL loading mechanism.