Insecure Permissions in Heimdal.Wizard.exe Installer Allows Privilege Escalation

CVE-2022-24618 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions that allow unprivileged local users to elevate privileges to SYSTEM via the "Browse For Folder" window, which is accessible by triggering a "Repair" on the MSI package located in C:\Windows\Installer.
