InstallShield Privilege Escalation

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description ---|--- CVE-2024-14012 Issued by Revenera| https://vulners.com/cve/CVE-2024-14012...

CVE-2023-29080

Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2 due to adding InstallScript custom action to a Basic MSI or InstallScript MSI project extracting few binaries to a predefined writable folder during installation time. The standard user account has...

CVE-2025-12418 Potential Denial of Service in Supported Versions of Revenera InstallShield

Potential Denial of Service issue in all supported versions of Revenera InstallShield version 2025 R1, 2024 R2, 2023 R2, and prior. When e.g., a local administrator performs an uninstall, a symlink may get followed on removal of a user writeable configuration directory and induce a Denial of...

PT-2025-45507

Name of the Vulnerable Software and Affected Versions Revenera InstallShield versions 2023 R2 through 2025 R1 Description A potential Denial of Service issue exists in Revenera InstallShield. When a local administrator performs an uninstall, a symbolic link may be followed during the removal of a...

Revenera InstallShield 安全漏洞

Revenera InstallShield Flexera InstallShield is a development package from Revenera Inc. for building Windows installers and MSIX packages. Revenera InstallShield Flexera InstallShield A security vulnerability exists in Revenera InstallShield Flexera InstallShield version 2025 R1, 2024 R2, 2023 R...

EUVD-2024-55044

Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed Setup.exe on Windows. When a local administrator executes a renamed Setup.exe, the MPR.dll may get loaded from an insecure location and can result in a privilege escalation. The issue has been fixed i...

CVE-2024-14012

Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed Setup.exe on Windows. When a local administrator executes a renamed Setup.exe, the MPR.dll may get loaded from an insecure location and can result in a privilege escalation. The issue has been fixed i...

CVE-2024-14012 Potential Privilege Escalation in Revenera InstallShield 2023 R1

Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed Setup.exe on Windows. When a local administrator executes a renamed Setup.exe, the MPR.dll may get loaded from an insecure location and can result in a privilege escalation. The issue has been fixed i...

Revenera InstallShield 安全漏洞

Revenera InstallShield Flexera InstallShield is a development package from Revenera Inc. for building Windows installers and MSIX packages. A security vulnerability exists in Revenera InstallShield version 2023 R1, which stems from MPR.dll being loaded from an insecure location, which could lead ...

PT-2025-44308

Name of the Vulnerable Software and Affected Versions Revenera InstallShield versions prior to 2023 R2 Description A privilege escalation issue exists in Revenera InstallShield version 2023 R1 when running a renamed Setup.exe on Windows. If a local administrator executes a renamed Setup.exe, the...

EUVD-2023-32683

Malicious code in bioql PyPI...

CVE-2023-29080

Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2 due to adding InstallScript custom action to a Basic MSI or InstallScript MSI project extracting few binaries to a predefined writable folder during installation time. The standard user account has...

CVE-2023-29080 Privilege escalation in InstallShield

Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2 due to adding InstallScript custom action to a Basic MSI or InstallScript MSI project extracting few binaries to a predefined writable folder during installation time. The standard user account has...

CVE-2023-29080

CVE-2023-29080 concerns Revenera InstallShield (versions 2021 R2 and 2022 R2). A DLL hijacking vulnerability arises from an InstallScript custom action that extracts binaries to a predefined writable folder during installation. With standard user write access to these files/folders, an attacker c...

CVE-2023-29080 Privilege escalation in InstallShield

Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2 due to adding InstallScript custom action to a Basic MSI or InstallScript MSI project extracting few binaries to a predefined writable folder during installation time. The standard user account has...

PT-2025-1387 · Revenera · Revenera Installshield

Name of the Vulnerable Software and Affected Versions: Revenera InstallShield versions 2021 R2 through 2022 R2 Description: The issue concerns a potential privilege escalation vulnerability due to the addition of an InstallScript custom action to a Basic MSI or InstallScript MSI project. This...

Revenera InstallShield 安全漏洞

Revenera InstallShield Flexera InstallShield is a development package from Revenera Inc. for building Windows installers and MSIX packages. A security vulnerability exists in Revenera InstallShield version 2022 R2 and version 2021 R2, which stems from a DLL hijacking triggered by improperly...

Unlocking Seamless API Security: Revenera’s Journey with Wallarm

In today's digital landscape, ensuring the security of web applications and APIs is paramount. The journey to find the right security solution can be filled with challenges and choices. In this blog post, we'll dive into the experience of Rob Davies, VP of Engineering and Lead Architect at...

Revenera FlexNet Code Insight 授权问题漏洞

Revenera FlexNet Code Insight is a single integrated solution for open source license compliance and security from Revenera, Germany. An authorization issue vulnerability exists in Code Insight because the product does not effectively handle Spring MVC responses, which can be exploited to cause a...