Denial of Service Vulnerability in Revenera InstallShield Software
CVE-2025-12418

5.6MEDIUM

Key Information:

Vendor: Revenera
Status: Installshield
Vendor: CVE Published:; 7 November 2025

What is CVE-2025-12418?

A potential Denial of Service issue exists in all supported versions of Revenera InstallShield. This vulnerability can be triggered during the uninstallation process when a local administrator unintentionally follows a symlink in a user-writable configuration directory. This flaw can result in an unintended disruption of services. The issue has been addressed with specific hotfixes for affected versions, ensuring enhanced security during installation and removal processes.

Affected Version(s)

InstallShield Windows 2023.R1 <= 2023.R2

InstallShield Windows 2024.R1 <= 2024.R2

InstallShield Windows 2025.R1

References

https://community.revenera.com/s/article/CVE-2025-12418-P...

CVSS V4

Score:

5.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 7, 2025
Vulnerability Reserved
Oct 28, 2025

JSON