CNNVD-202506-1686 Information

CNNVD ID

CNNVD-202506-1686

Related CVE

CVE-2024-7562

• CNNVD Published: 2025-06-12

Description (Chinese)

Flexera InstallShield是美国Flexera公司的一款可以制作Microsoft Windows安装程序的开发包。 InstallShield 2023 R2、2022 R2和2021 R2版本存在安全漏洞，该漏洞源于配置多个InstallScript自定义操作时可能导致权限提升。

Description (English)

Flexera Install Shield is a United States company, Flexera, that can develop a Microsoft Windows installation package. InstallShield 2023 R2, 2022 R2 and 2021 R2 have a security loophole, which results from the possibility of increasing privileges when configured for multiple InstallScript custom operations.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Flexsense

Published

2025-06-12

Last Modified

2026-02-24

References

https://community.revenera.com/s/article/cve-2024-7562-privilege-escalation-vulnerability-in-created-msi-packages https://nvd.nist.gov/vuln/detail/CVE-2024-7562 https://access.redhat.com/security/cve/cve-2024-7562

Patch

https://community.revenera.com/s/article/cve-2024-7562-privilege-escalation-vulnerability-in-created-msi-packages