CVE-2023-45160 Information

Description

In the affected version of the 1E Client an ordinary user could subvert downloaded instruction resource files e.g. to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094 as the 1E Client’s temporary directory is now locked down

Reference

https://www.1e.com/trust-security-compliance/cve-info/