o A vulnerability in the Tobesoft XPLATFORM could allow remote attacker to cause arbitrary code execution.
o A vulnerability is caused by improper verification of signed DLLs when Xplatform load DLLs.
Arbitrary File Execution
o Xplatform can load unauthorized DLL files, enabling arbitrary code execution(CVE-2019-19166)
□ Affected Products
o Update software over 22.214.171.1240 version
□ Reference site
o Thanks to Jeongun Baek for reporting this vulerability