CVE-2024-42050 – Splashtop Streamer for Windows Privilege Escalation Weak Permission Vulnerability

CVE ID : CVE-2024-42050

Published : July 28, 2024, 3:15 a.m. | 1 hour, 5 minutes ago

Description : The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProvider_Inst.reg.

Severity: 7.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-42050

Published : July 28, 2024, 3:15 a.m. | 1 hour, 5 minutes ago

Description : The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProvider_Inst.reg.

Severity: 7.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…