Lucene search
K
SplashtopStreamer

7 matches found

CVE
CVE
added 2020/05/21 4:16 p.m.1439 views

CVE-2020-12431

The CVE-2020-12431 entry describes a Windows local privilege escalation in Splashtop Software Updater (before 1.5.6.16) due to insecure permissions on the updater’s configuration file and a named pipe, enabling a forced permission change of Splashtop files/directories and DLL hijacking to achieve...

6.6CVSS6.6AI score0.0055EPSS
CVE
CVE
added 2022/02/15 1:45 p.m.200 views

CVE-2021-42712

The CVE-2021-42712 issue affects Splashtop Streamer up to version 3.4.8.3, where the application creates temporary files in a directory with insecure permissions. This root cause can lead to unauthorized access to temporary data and potential impact to confidentiality, integrity, and availability...

7.8CVSS7.5AI score0.00298EPSS
CVE
CVE
added 2024/07/28 12:0 a.m.75 views

CVE-2024-42050

The CVE-2024-42050 entry concerns Splashtop Streamer for Windows. The vulnerability stems from the MSI installer creating a temporary folder with weak permissions during installation, enabling a local user to escalate privileges to SYSTEM by triggering an oplock on CredProvider_Inst.reg. Affected...

7CVSS7.2AI score0.0014EPSS
CVE
CVE
added 2024/07/28 12:0 a.m.71 views

CVE-2024-42052

The CVE-2024-42052 issue concerns the MSI installer for Splashtop Streamer for Windows prior to version 3.5.8.0. The installer uses a temporary folder with weak permissions during installation, allowing a local user to escalate privileges to SYSTEM by placing a wevtutil.exe file in that folder. A...

7.8CVSS7.2AI score0.00213EPSS
CVE
CVE
added 2024/01/25 3:22 p.m.66 views

CVE-2023-3181

CVE-2023-3181 affects Splashtop Software Updater (uninst.exe). The uninstaller creates a temporary folder at C:\Windows\Temp~nsu.tmp, copies itself as Au_.exe into that folder, and then Au_.exe is launched as SYSTEM on reboot or during an MSI repair via Splashtop Streamer’s Windows Installer. The...

7.8CVSS7.6AI score0.00179EPSS
CVE
CVE
added 2024/07/28 12:0 a.m.61 views

CVE-2024-42051

The CVE-2024-42051 issue affects Splashtop Streamer for Windows before version 3.6.2.0. The MSI installer uses a temporary folder with weak permissions during installation, allowing a local user to escalate privileges to SYSTEM by replacing InstRegExp.reg. The vulnerability is a local privilege e...

7.8CVSS7.2AI score0.00155EPSS
CVE
CVE
added 2024/07/28 12:0 a.m.47 views

CVE-2024-42053

The CVE concerns Splashtop Streamer for Windows prior to version 3.6.0.0. The MSI installer creates a temporary folder with weak permissions, allowing a local attacker to place a malicious version.dll and escalate to SYSTEM during installation. Affected component: MSI installer for Windows; root ...

7.8CVSS7.2AI score0.00155EPSS