PT-2025-28461 · Unknown · Advanced Installer

Published: 2025-07-08 · Updated: 2025-07-08 · CVE-2025-47422

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Advanced Installer versions prior to 22.6
Description: The issue is a local privilege escalation caused by an uncontrolled search path element. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations for non-existent binaries and executes them as SYSTEM. A low-privileged attacker can place a malicious binary in a targeted folder, achieving arbitrary SYSTEM code execution when the installer is executed.
Recommendations: For versions prior to 22.6, update to version 22.6 or later to resolve the issue. As a temporary workaround, consider restricting access to standard-user writable locations to minimize the risk of exploitation.

Fix

LPE

Incorrect Privilege Assignment

Weakness Enumeration

Related Identifiers: CVE-2025-47422

Affected Products: Advanced Installer