CVE Vulnerabilities

CVE-2021-41526

Published: Mar 29, 2023 | Modified: Apr 19, 2024
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action.

Affected Software

Name Vendor Start Version End Version
Revenera_installshield Flexera * 2021 (excluding)
Revenera_installshield Flexera 2021 (including) 2021 (including)
Revenera_installshield Flexera 2021-r1 (including) 2021-r1 (including)

References