216.73.217.64

CVE-2024-14012

· Published 29/10/2025 16:15 · Modified 29/10/2025 16:15

Labels: CVE-2024-14012 2025-10-29CVE-2024-14012CWE-426[email protected]

Essential information

Published
29/10/2025 16:15
Modified
29/10/2025 16:15
Author
Creator
CVSS
7.3 HIGH (v3) 7.3 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed Setup.exe on Windows. When a local administrator executes a renamed Setup.exe, the MPR.dll may get loaded from an insecure location and can result in a privilege escalation. The issue has been fixed in versions 2023 R2 and later.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
flexera / installshield cpe:2.3:a:flexera:installshield:2023:r1:*:*:*:*:*:*
flexera / installshield cpe:2.3:a:flexera:installshield:2023:r2:*:*:*:*:*:*
flexera / installshield cpe:2.3:a:flexera:installshield:2023:*:*:*:*:*:*:*

References