Privilege Escalation Vulnerability in Windows Installer with InstallScript Custom Action

Privilege Escalation Vulnerability in Windows Installer with InstallScript Custom Action

CVE-2021-41526 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action.

Learn more about our Web Application Penetration Testing UK.