6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.0%
This vulnerability allows local attackers to execute arbitrary code as SYSTEM on vulnerable installations of Microsoft Windows. An attacker must be logged in as a user on the system in order to execute the attack. The specific flaw exists within the behavior of some MSI installations. Some installations will launch an executable as SYSTEM during uninstallation or repair. The location of this executable is read from a registry key controllable by an unprivileged user, and because a repair operation does not require elevation, a standard user can use this functionality to execute arbitrary code as SYSTEM.