ГлавнаяУязвимости → CVE-2026-42171
7.8высокая

CVE-2026-42171

Описание

NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references).

Затрагиваемое ПО
Nullsoft Nullsoft scriptable install system
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://github.com/NSIS-Dev/nsis/blob/7359413009afd4f0fff472d841fc2f2cc0e0a5f8/Source/exehead/util.c#L475-L484https://github.com/NSIS-Dev/nsis/commit/8e6f02205d5f22da6c7855dbfe59b2af667330cahttps://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-gettempfilenamehttps://nsis.sourceforge.io/Docs/AppendixF.html#v3.12-cl