CVE-2025-43715

Published: Apr 17, 2025Modified: Apr 17, 2025

8.1

Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Exploitability: 1.4 / Impact: 6.0

Source: MITRE (Secondary)

Description

Nullsoft Scriptable Install System (NSIS) before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a crafted executable file by winning a race condition. This occurs because EW_CREATEDIR does not always set the CreateRestrictedDirectory error flag.

Related CWEs

CWE-754

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (2)

https://nsis.sourceforge.io/Docs/AppendixF.html#v3.11-rl

Source: cve@mitre.org

https://sourceforge.net/p/nsis/bugs/1315/

Source: cve@mitre.org

Timeline

No history available yet.