Security Advisory

CVE-2024-42052

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-28 00:00:00

Last updated 2025-03-20 19:04:35

Assigner mitre

State PUBLISHED

Description

The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder.

← Browse all CVEs View on cve.org ↗