CVE-2022-24618— Heimdal Premium Security 安全漏洞

N/A

Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the "Browse For Folder" window accessible by triggering a "Repair" on the MSI package located in C:\Windows\Installer.

N/A

N/A

Heimdal Premium Security 安全漏洞

Heimdal Premium Security是丹麦Heimdal公司的一款防病毒安全软件。 Heimdal Premium Security 2.5.395 及其之前版本存在安全漏洞，该漏洞源于Heimdal.Wizard.exe 安装程序存在不安全的权限设置。非特权本地用户或攻击者可以通过“浏览文件夹”窗口利用该漏洞实现将权限提升到SYSTEM级别。

N/A

N/A