CVE-2023-49147

Published: Dec 19, 2023

Modified: Aug 2, 2024

PUBLISHED

Description

An issue was discovered in PDF24 Creator 11.14.0. The configuration of the msi installer file was found to produce a visible cmd.exe window when using the repair function of msiexec.exe. This allows an unprivileged local attacker to use a chain of actions (e.g., an oplock on faxPrnInst.log) to open a SYSTEM cmd.exe.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20231212 SEC Consult SA-20231211-0 :: Local Privilege Escalation via MSI installer in PDF24 Creator

mailing-list

http://packetstormsecurity.com/files/176206/PDF24-Creator-11.15.1-Local-Privilege-Escalation.html

https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-pdf24-creator-geek-software-gmbh/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-49147

Description

Affected Products

References