Lucene search
K

5 matches found

OSV
OSV
added 2024/03/25 7:42 p.m.25 views

GHSA-RF39-3F98-XR7R WiX based installers are vulnerable to binary hijack when run as SYSTEM

Summary Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users. Details When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to dro...

7.3CVSS7AI score0.00463EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/02/15 12:0 a.m.48 views

Wix Toolset < 3.14 / 4.x < 4.0.4 Privilege Escalation

The version of Wix Toolset installed on the remote host is prior to 3.14.0 or 4.x prior to 4.0.4. It is, therefore, affected by a privilege escalation vulnerability. The .be TEMP folder is vulnerable to DLL redirection attacks that allow an unauthenticated, local attacker to escalate privileges...

8.2CVSS7.6AI score0.00235EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/02/08 6:24 p.m.19 views

PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...

7.2AI score
Exploits0References2Affected Software1
OSV
OSV
added 2024/02/08 6:24 p.m.11 views

GHSA-8V28-3G86-CHJ5 PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...

8.2CVSS7.2AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2024/02/08 6:23 p.m.26 views

WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

Summary .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. Details If the bundle is not run as admin, the user's TEMP folder is used and not the system TEMP folder. A utility is able to monitor the user's TEMP folder for changes and drop its o...

8.2CVSS8.2AI score0.00235EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder