DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Win 98SE Dev Kit installer can lead to privilege escalation and arbitrary code execution when running the impacted installer.
CVE ID: CVE-2024-9499
CVSS Base Severity: HIGH
CVSS Base Score: 8.6
Vendor: silabs.com
Product: USBXpress Win 98SE Dev Kit
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.72% (scored less or equal to compared to others)
EPSS Date: 2025-02-25 (when was this score calculated)