3 matches found
CVE-2022-27438
CVE-2022-27438 affects Caphyon Advanced Installer 19.3 and earlier and products using the Advanced Updater. The root cause is a remote code execution vulnerability in the update check function via the CustomDetection parameter. Exploitation requires starting an affected installation to trigger th...
CVE-2022-4956
CVE-2022-4956 affects Caphyon Advanced Installer 19.7, impacting the WinSxS DLL Handler component and causing an uncontrolled search path. Exploitation requires local access; the exploit has been disclosed publicly. Upgrading to version 19.7.1 addresses the issue. No other technical details are p...
CVE-2023-25396
CVE-2023-25396 affects Caphyon Advanced Installer (MSI repair functionality) with privilege escalation in versions 20.0 and below. The root cause is an elevation of privilege via the MSI repair feature, allowing an attacker to access and manipulate system files. Relevant sources consistently desc...