PT-2025-44308 · Microsoft+2 · Windows+2
Published
2025-10-29
·
Updated
2025-10-29
·
CVE-2024-14012
CVSS v4.0
7.3
High
| Vector | AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H |
Name of the Vulnerable Software and Affected Versions
Revenera InstallShield versions prior to 2023 R2
Description
A privilege escalation issue exists in Revenera InstallShield version 2023 R1 when running a renamed Setup.exe on Windows. If a local administrator executes a renamed Setup.exe, the
MPR.dll may load from an insecure location, potentially leading to privilege escalation.Recommendations
Update to version 2023 R2 or later.
Fix
LPE
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Installshield
Mpr.Dll
Windows