CVE-2023-25396

EPSS 0.06%
Published 08.02.2023 19:15:12
Last modified 21.11.2024 07:49:28
Source cve@mitre.org
Teams watchlist Login
Open Login

Privilege escalation in the MSI repair functionality in Caphyon Advanced Installer 20.0 and below allows attackers to access and manipulate system files.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Caphyon ≫ Advanced Installer Version <= 20.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.177

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cve@mitre.org	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

https://www.advancedinstaller.com/release-20.1.html

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2023-25396

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-25396

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-25396

EUVD