Weak Temp Folder Permissions Lead to Privilege Escalation in MSI Installer
CVE-2024-42050

7 HIGH

Key Information:

Vendor: Splashtop
CVE Published: 28 July 2024

What is CVE-2024-42050?

The MSI installer for Splashtop Streamer for Windows, in versions before 3.7.0.0, uses a temporary installation folder with weak permissions. A local user can exploit this weakness to potentially escalate privileges to SYSTEM. The exploit can occur via an oplock on the CredProvider_Inst.reg file, and it may compromise system integrity and security. Users of the affected versions are encouraged to update their installations to mitigate this vulnerability.

CVSS V3.1

Score: 7
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
