Home

Description

Privilege escalation via dll hijacking in Inno Setup 6.2.1 and ealier versions.

PUBLISHED Reserved 2026-02-27 | Published 2026-03-03 | Updated 2026-03-03 | Assigner NCSC-FI




MEDIUM: 5.7CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H/E:U/AU:N/U:Clear

Problem types

CWE-1390: Weak Authentication

Product status

Default status
unaffected

Any version
affected

6.2.2
unaffected

References

jrsoftware.org/files/is6.2-whatsnew.htm

cve.org (CVE-2025-15595)

nvd.nist.gov (CVE-2025-15595)

Download JSON