CVE-2025-43715

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Apr 17, 2025
CWE ID 754

Summary

CVE-2025-43715 is a vulnerability in the Nullsoft Scriptable Install System (NSIS) before version 3.11 on Windows. It allows local users to escalate privileges to SYSTEM during an installation. The root cause is a race condition in EW_CREATEDIR, which does not always set the CreateRestrictedDirectory error flag. An unprivileged user can exploit this by placing a crafted executable file in the temporary plugins directory under %WINDIR%\temp before NSIS creates that directory. Successful exploitation gives the attacker full control over the affected system.
