Home

Description

A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions (InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2) are affected by this issue.

PUBLISHED Reserved 2024-08-06 | Published 2025-06-12 | Updated 2025-06-17 | Assigner flexera




HIGH: 7.3CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-379

Product status

Default status
unaffected

2023 R2 (custom)
affected

2022 R2 (custom)
affected

2021 R2 (custom)
affected

Credits

Sandro Poppi finder

References

community.revenera.com/...nerability-in-created-msi-packages

cve.org (CVE-2024-7562)

nvd.nist.gov (CVE-2024-7562)

Download JSON