Russian Vulnerability Scanner Database

Back to List

CVE-2022-24618

Scores

EPSS

0.000none0.0%
0%20%40%60%80%100%

Percentile: 0.0%

CVSS

7.8high3.x
0246810

CVSS Score: 7.8/10

All CVSS Scores

CVSS 3.x
7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Description

Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the “Browse For Folder” window accessible by triggering a “Repair” on the MSI package located in C:\Windows\Installer.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

nvd

CWEs

CWE-281

Vulnerable Software (1)

Type: Configuration

Vendor: heimdalsecurity

Product: heimdal_premium_security

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:heimdalsecurity:heimdal_premium_security:*:*:*:*:*:*:*:*",      "versionEndExcluding": "2.5.398",      "vulnerable": true    }  ],  "operator...

Source: nvd