CVE-2023-37378

Name of the Vulnerable Software and Affected Versions Nullsoft Scriptable Install System (NSIS) versions prior to 3.09

Description The issue is related to insufficient access control in the Nullsoft Scriptable Install System, which can be exploited by a remote attacker to elevate their privileges. This is due to the mishandling of access control for an uninstaller directory.

Recommendations For versions prior to 3.09, update to version 3.09 or later to resolve the issue. As a temporary workaround, consider restricting access to the uninstaller directory to minimize the risk of exploitation.