Privilege Escalation via Windows Installer
CVE-2023-21542 Published on January 10, 2023
Windows Installer Elevation of Privilege Vulnerability
Weakness Type
What is an insecure temporary file Vulnerability?
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CVE-2023-21542 has been classified to as an insecure temporary file vulnerability or weakness.
Products Associated with CVE-2023-21542
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-21542 are published in these products:
Affected Versions
Microsoft Windows 10 Version 1507:- Version 10.0.10240.0 and below 10.0.10240.19685 is affected.
- Version 10.0.14393.0 and below 10.0.14393.5648 is affected.
- Version 10.0.14393.0 and below 10.0.14393.5648 is affected.
- Version 10.0.14393.0 and below 10.0.14393.5648 is affected.
- Version 6.1.0 and below 6.1.7601.26321 is affected.
- Version 6.1.0 and below 6.1.7601.26321 is affected.
- Version 6.3.0 and below 6.3.9600.20778 is affected.
- Version 6.0.6003.0 and below 6.0.6003.21872 is affected.
- Version 6.0.6003.0 and below 6.0.6003.21872 is affected.
- Version 6.0.6003.0 and below 6.0.6003.21872 is affected.
- Version 6.1.7601.0 and below 6.1.7601.26321 is affected.
- Version 6.1.7601.0 and below 6.1.7601.26321 is affected.
- Version 6.2.9200.0 and below 6.2.9200.24075 is affected.
- Version 6.2.9200.0 and below 6.2.9200.24075 is affected.
- Version 6.3.9600.0 and below 6.3.9600.20778 is affected.
- Version 6.3.9600.0 and below 6.3.9600.20778 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.