CVE-2024-25376

Name of the Vulnerable Software and Affected Versions Thesycon Software Solutions Gmbh & Co. KG TUSBAudio versions prior to 5.68.0

Description An issue in TUSBAudio MSI-based installers allows a local attacker to execute arbitrary code via the msiexec.exe repair mode. This enables a local attacker to potentially escalate privileges.

Recommendations For versions prior to 5.68.0, update to version 5.68.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the msiexec.exe repair mode until a patch is applied.