Описание
InstallBuilder for Qt Windows (versions prior to 20.7.0) installers look for plugins at a predictable location at initialization time, writable by non-admin users. While those plugins are not required, they are loaded if present, which could allow an attacker to plant a malicious library which could result in code execution with the security scope of the installer.
Уязвимые конфигурации
Одновременно
EPSS
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
Связанные уязвимости
InstallBuilder for Qt Windows (versions prior to 20.7.0) installers look for plugins at a predictable location at initialization time, writable by non-admin users. While those plugins are not required, they are loaded if present, which could allow an attacker to plant a malicious library which could result in code execution with the security scope of the installer.
EPSS
7.8 High
CVSS3
4.4 Medium
CVSS2