CVE-2024-7562

Summary

A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions (InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2) are affected by this issue.

Affected Software

VendorProductVersion RangeStatus
ReveneraInstallShield2023 R2affected
ReveneraInstallShield2022 R2affected
ReveneraInstallShield2021 R2affected

Weaknesses

  • CWE-379: CWE-379

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References