Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation vulnerability. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations for non-existent binaries and executes them as SYSTEM. A low-privileged attacker can place a malicious binary in a targeted folder; when the installer is executed, the attacker achieves arbitrary SYSTEM code execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Advanced Installer 安全漏洞
Vulnerability Description
Advanced Installer是Advanced Installer开源的一款打包软件。 Advanced Installer 22.6之前版本存在安全漏洞,该漏洞源于搜索路径元素控制不当,可能导致本地权限提升。
CVSS Information
N/A
Vulnerability Type
N/A