When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code.
7.8CVSS
7.5AI Score
0.001EPSS
When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code.
7.8CVSS
7.7AI Score
0.001EPSS
An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.
7.8CVSS
7.6AI Score
0.001EPSS