Streamer Security Vulnerabilities and Issues — Streamer CVE List

Lucene search

SplashtopStreamer

6 matches found

CVE•added 2020/05/21 5:15 p.m.•1425 views

CVE-2020-12431

A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with resul...

6.6CVSS6.6AI score0.00016EPSS

CVE•added 2022/02/15 2:15 p.m.•185 views

CVE-2021-42712

Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.

7.8CVSS7.5AI score0.00034EPSS

CVE•added 2024/07/28 3:15 a.m.•58 views

CVE-2024-42052

The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder.

7.8CVSS7.2AI score0.00026EPSS

CVE•added 2024/07/28 3:15 a.m.•47 views

CVE-2024-42051

The MSI installer for Splashtop Streamer for Windows before 3.6.2.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by replacing InstRegExp.reg.

7.8CVSS7.2AI score0.00025EPSS

CVE•added 2024/07/28 3:15 a.m.•37 views

CVE-2024-42050

The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProvider_Inst.reg.

7CVSS7.2AI score0.00019EPSS

CVE•added 2024/07/28 3:15 a.m.•34 views

CVE-2024-42053

The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder.

7.8CVSS7.2AI score0.00025EPSS