CVE-2024-29187: WiX based installers are vulnerable to binary hijack when run as SYSTEM
Burn uses an unprotected C:\Windows\Temp directory to copy binaries and run them from there. This directory is not entirely protected against low privilege users.
References
- github.com/advisories/GHSA-rf39-3f98-xr7r
- github.com/wixtoolset/issues
- github.com/wixtoolset/issues/security/advisories/GHSA-rf39-3f98-xr7r
- github.com/wixtoolset/wix/commit/75a8c75d4e02ea219008dc5af7d03869291d61f7
- github.com/wixtoolset/wix3/commit/6d372e5169f1a334a395cdf496443bc0732098e9
- nvd.nist.gov/vuln/detail/CVE-2024-29187
Code Behaviors & Features
Detect and mitigate CVE-2024-29187 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →