Security Advisory

CVE-2023-29187

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-11 03:09:31

Last updated 2025-02-26 19:07:54

Assigner sap

State PUBLISHED

Description

A Windows user with basic user authorization can exploit a DLL hijacking attack in SapSetup (Software Installation Program) - version 9.0, resulting in a privilege escalation running code as administrator of the very same Windows PC. A successful attack depends on various preconditions beyond the attackers control.

← Browse all CVEs View on cve.org ↗