CVE-2022-24618

Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the "Browse For Folder" window accessible by triggering a "Repair" on the MSI package located in C:\Windows\Installer.
Configurations

Configuration 1 (hide)

cpe:2.3:a:heimdalsecurity:heimdal_premium_security:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-03-10 17:46

Updated : 2024-02-28 19:09


NVD link : CVE-2022-24618

Mitre link : CVE-2022-24618

CVE.ORG link : CVE-2022-24618


JSON object : View

Products Affected

heimdalsecurity

  • heimdal_premium_security
CWE
CWE-281

Improper Preservation of Permissions