Authenticated local attackers can achieve arbitrary code execution on systems running eAI Technologies ERP by exploiting a DLL hijacking flaw.

The application fails to securely validate or specify the full path of required DLL files. This allows an authenticated local attacker to place a malicious DLL in the program's directory, which the application then loads and executes with the program's privileges.

Successful exploitation allows an attacker to escalate privileges or maintain persistence on a local workstation or server. This could lead to the theft of corporate data or further lateral movement within the corporate network. The CVSS score of 7.8 indicates a High severity, primarily limited by the requirement for local access and authentication.

Immediate Action: Apply the official security updates from eAI Technologies immediately to ensure the application uses secure library loading mechanisms.

Proactive Monitoring: Monitor for the creation of unexpected DLL files in application directories and review system logs for unauthorized administrative-level process executions.

Compensating Controls: Implement strict folder permissions to prevent non-administrative users from writing files to the ERP application directory.

Public Exploit Available: false

While this vulnerability requires local access, the potential for arbitrary code execution makes it a significant risk for environments where multiple users share systems. IT administrators should verify directory permissions and deploy the vendor's patch as soon as possible to mitigate the risk of privilege escalation.