CVE-2025-64772

7.8 HIGH

📋 TL;DR

This vulnerability allows attackers to execute arbitrary code by exploiting insecure DLL loading in the INZONE Hub installer. When users run the installer, malicious DLLs placed in specific directories could be loaded instead of legitimate ones. This affects users installing INZONE Hub versions 1.0.10.3 through 1.0.17.0.

💻 Affected Systems

Products:
  • Sony INZONE Hub
Versions: 1.0.10.3 to 1.0.17.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable during installation process. Requires user to run installer from a location where attacker can place malicious DLLs.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise if installer runs with administrative privileges, allowing attacker to install malware, create backdoors, or steal sensitive data.

🟠 Likely Case

Local privilege escalation leading to user account compromise and potential lateral movement within the network.

🟢 If Mitigated

Limited to user-level access if installer runs with minimal privileges, but still allows data theft and further exploitation.

🌐 Internet-Facing: LOW - Requires local access or social engineering to place malicious DLLs and convince user to run installer.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this if they can place malicious DLLs on shared drives or user workstations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to place malicious DLLs and user interaction to run installer. No authentication bypass needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.18.0 or later

Vendor Advisory: https://www.sony.com/electronics/support/others-software/inzone-hub

Restart Required: No

Instructions:

  1. Download latest INZONE Hub installer from Sony's official website.
  2. Uninstall current version.
  3. Install updated version 1.0.18.0 or later.

🔧 Temporary Workarounds

Restrict installer execution locations

windows

Only run installer from trusted directories and avoid running from network shares or untrusted locations.

Use application whitelisting

windows

Configure Windows Defender Application Control or similar to restrict DLL loading from untrusted paths.

🧯 If You Can't Patch

  • Avoid running INZONE Hub installer from network shares or untrusted directories
  • Run installer with standard user privileges instead of administrative rights

🔍 How to Verify

Check if Vulnerable:

Check INZONE Hub version in Settings > About. If version is between 1.0.10.3 and 1.0.17.0, system is vulnerable.

Check Version:

Check application version in Windows Settings or Control Panel > Programs and Features

Verify Fix Applied:

Verify installed version is 1.0.18.0 or later in Settings > About.

📡 Detection & Monitoring

Log Indicators:

  • Windows Event Logs showing DLL loading from unusual locations during installer execution
  • Process Monitor logs showing DLL search order hijacking

Network Indicators:

  • Unusual network connections originating from installer process

SIEM Query:

EventID=4688 AND (ProcessName LIKE '%inzone%' OR ProcessName LIKE '%installer%') AND CommandLine CONTAINS 'DLL'
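
Event ID 4688 records process creation rather than module loads, so the DLL-loading indicator listed above is normally checked against Sysmon Event ID 7 (ImageLoad) records. The following Python is an added example, not part of the original advisory or any vendor tooling; the installer file name, host name, DLL names and trusted-path allowlist are assumptions, and the events are constructed.

```python
import ntpath  # Windows path semantics on any OS

# Coarse allowlist (assumption); tighten it for your environment.
TRUSTED_ROOTS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\",
                 "c:\\program files\\", "c:\\program files (x86)\\")
PROCESS_HINT = "inzone"  # same substring the page's SIEM query matches on

def suspicious_loads(events):
    """Return (dll_path, reasons) for unsigned DLLs the installer loaded from untrusted paths."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 7:  # Sysmon ImageLoad only
            continue
        image = ev.get("Image", "").lower()
        loaded = ev.get("ImageLoaded", "").lower()
        if PROCESS_HINT not in ntpath.basename(image) or not loaded.endswith(".dll"):
            continue
        if loaded.startswith(TRUSTED_ROOTS):
            continue
        # Installers legitimately unpack and load their own signed DLLs; skip those.
        if ev.get("Signed") == "true" and ev.get("SignatureStatus") == "Valid":
            continue
        reasons = []
        if ntpath.dirname(loaded) == ntpath.dirname(image):
            reasons.append("same directory as installer")
        if loaded.startswith("\\\\"):
            reasons.append("network share")
        findings.append((ev["ImageLoaded"], reasons or ["untrusted path"]))
    return findings

# Constructed events (not real telemetry); file and host names are hypothetical.
INSTALLER = r"C:\Users\alice\Downloads\INZONEHubInstaller.exe"
SAMPLE_EVENTS = [
    {"EventID": 7, "Image": INSTALLER, "Signed": "true", "SignatureStatus": "Valid",
     "ImageLoaded": r"C:\Windows\System32\example_sys.dll"},
    {"EventID": 7, "Image": INSTALLER, "Signed": "false", "SignatureStatus": "Unavailable",
     "ImageLoaded": r"C:\Users\alice\Downloads\example.dll"},
    {"EventID": 7, "Image": INSTALLER, "Signed": "true", "SignatureStatus": "Valid",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\is-ABC12\vendor_helper.dll"},
    {"EventID": 7, "Image": r"\\fileserver\share\tools\INZONEHubInstaller.exe",
     "Signed": "false", "SignatureStatus": "Unavailable",
     "ImageLoaded": r"\\fileserver\share\tools\example.dll"},
]

if __name__ == "__main__":
    for path, reasons in suspicious_loads(SAMPLE_EVENTS):
        print(f"ALERT {path}: {', '.join(reasons)}")
```

Sysmon does not log ImageLoad events unless the configuration enables them, so confirm Event ID 7 is being collected before relying on this check.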
