PT-2025-1387 · Revenera · Revenera Installshield

Published: 2025-01-30 · Updated: 2025-01-31 · CVE-2023-29080

CVSS v4.0: 8.5 (High)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Revenera InstallShield versions 2021 R2 through 2022 R2

Description

The issue is a potential privilege escalation vulnerability that arises when an InstallScript custom action is added to a Basic MSI or InstallScript MSI project. The action extracts binaries to a predefined writable folder at installation time. Because a standard user account has write access to these files and folders, replacing them during installation can lead to DLL hijacking.

Recommendations

For Revenera InstallShield versions 2021 R2 and 2022 R2, consider disabling the InstallScript custom action that extracts binaries to a predefined writable folder until a patch is available. Restrict access to the predefined writable folder to minimize the risk of exploitation. Avoid using the affected InstallScript custom action in Basic MSI or InstallScript MSI projects until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Files Accessible to External Parties

Weakness Enumeration

Related Identifiers

CVE-2023-29080

Affected Products

Revenera Installshield