CVE-2024-42053
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Jul 28, 2024
Updated: Aug 1, 2024
CWE ID 276
Summary
CVE-2024-42053 is a newly disclosed vulnerability affecting the MSI installer for Splashtop Streamer for Windows. Before version 3.6.0.0, this software utilizes a temporary folder with permissive access during installation. An attacker present as a local user can capitalize on this weakness by depositing a malicious version.dll file in the designated folder, thereby escalating their privileges to the SYSTEM level.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Streamer