
Knaceri

Rank #38041 of 53,630
Total CVSS: 7.3
Vulnerabilities: 1
PT-2024-4138 · CVSS 7.3 · 2024-03-24
Unknown · Wix Toolset · CVE-2024-29187
**Name of the Vulnerable Software and Affected Versions**

WiX Toolset versions prior to 3.14.1
WiX Toolset versions prior to 4.0.5

**Description**

The WiX Toolset has a vulnerability related to its use of the `GetTempPathW` function, which resolves to the insecure directory `C:\Windows\Temp` into which multiple binaries are dropped and then loaded. When a bundle runs as the SYSTEM user, a standard user can replace one of these binaries before the application loads it, resulting in elevation of privileges. The root cause is that built-in users (non-administrators) hold special permissions on the `C:\Windows\Temp` folder and can create files and write to this directory.

**Recommendations**

For WiX Toolset versions prior to 3.14.1, update to version 3.14.1 or later to fix the vulnerability. For WiX Toolset versions prior to 4.0.5, update to version 4.0.5 or later to fix the vulnerability. As a temporary workaround, consider restricting access to the `C:\Windows\Temp` directory to minimize the risk of exploitation.