OM Workspace (Windows Edition) Ver 2.4 and earlier
Summary
The Windows installer for OM Workspace insecurely loads untrusted dynamic link libraries (DLLs). A local attacker with write access to the system can place malicious DLLs that execute when the installer runs. Attackers can gain arbitrary code execution with the privileges of the user running the installer.
Remediation
Upgrade OM Workspace (Windows Edition) to the latest patched version from the official vendor. Remove untrusted DLL files from system root directories and restrict non-administrative write access to system paths. Avoid running the installer from untrusted working directories.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.