Primary

Context

Revenera InstallShield Privilege Escalation Vulnerability in Version 2023 R1

Vulnerability

Patched

A privilege escalation vulnerability exists in Revenera InstallShield version 2023 R1. When a local administrator runs a renamed Setup.exe, the MPR.dll may be loaded from an insecure location, leading to unauthorized privilege escalation. This issue has been addressed in InstallShield versions 2023 R2 and later.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation.

Remediation

Users can upgrade to InstallShield version 2023 R2 or later to address this vulnerability.

Added: Oct 29, 2025, 4:27 PM

Updated: Oct 29, 2025, 4:27 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

2.9

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

10.0

exploitability

2.9

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Revenera InstallShield Privilege Escalation Vulnerability in Version 2023 R1

Vulnerability

Impact

Remediation

Affected Products

Revenera InstallShield

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating