PT-2023-7212 · Microsoft · Windows Installer+1

Abdelhamid Naceri

Publicado

2023-11-14

Atualizado

2024-05-29

CVE-2023-36705

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windows Installer (affected versions not specified)

Description The issue is related to insufficient access control in the Windows Installer, which can be exploited to elevate privileges. An elevation-of-privilege vulnerability allows attackers to affect the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Improper Access Control

Link Following

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-59

Identificadores relacionados

BDU:2023-08240

CVE-2023-36705

Produtos afetados

Windows

Windows Installer

PT-2023-7212 · Microsoft · Windows Installer+1

CVE-2023-36705

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8