What is CVE-2010-0103?

CVE-2010-0103 is a vulnerability in Energizer Duo_usb, classified under Code Injection. Published 2010-03-10.

Is CVE-2010-0103 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Energizer Duo_usb

CVE-2010-0103

UsbCharger.dll in the Energizer DUO USB battery charger software contains a backdoor that is implemented through the Arucer.dll file in the %WINDIR%\system32 directory, which allows remote attackers to download arbitrary programs onto a Wi…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.768 (99.0th percentile) — read the EPSS interpretation.

Affected products

Energizer Duo_usb
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

References

VU#154421 (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
cret@cert.org (x_refsource_MISC)
38571 (Exploit, vdb-entry, x_refsource_BID)
cret@cert.org (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2010-0103?: CVE-2010-0103 is a vulnerability in Energizer Duo_usb, classified under Code Injection. Published 2010-03-10.
Is CVE-2010-0103 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.