Revenera InstallShield Denial-of-Service Vulnerability via Uninstallation Process

Vulnerability

A denial-of-service vulnerability has been identified in Revenera InstallShield versions 2025 R1, 2024 R2, 2023 R2, and prior. The issue arises during the uninstallation process when a local administrator removes the application. The uninstaller does not properly handle symbolic links in a user-writable configuration directory, potentially leading to unintended file deletion and causing a denial-of-service condition.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition by causing unintended file deletions that disrupt normal application functionality.

Remediation

Users can download the hotfix for this vulnerability from the Product and License Center. The hotfix is available for InstallShield 2025 R1, 2024 R2, and 2023 R2.
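For the symbolic-link handling described under Vulnerability, a pre-uninstall audit can list links in a configuration directory that resolve outside it. This is an added example, not Revenera's code or part of the original advisory; the directory passed to `find_escaping_links` and the sample tree built by `constructed_demo` are assumptions, since the advisory does not name the affected path.

```python
import os
import tempfile

def _is_link(path):
    # Symlink, or (Windows, Python 3.12+) a directory junction.
    isjunction = getattr(os.path, "isjunction", lambda p: False)
    return os.path.islink(path) or isjunction(path)

def _inside(root_real, target):
    try:
        return os.path.commonpath([root_real, target]) == root_real
    except ValueError:  # e.g. different drive letters on Windows
        return False

def find_escaping_links(root):
    """Return sorted (link_path, resolved_target) pairs for links under
    root whose target resolves outside root."""
    root_real = os.path.realpath(root)
    findings = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in list(dirnames) + filenames:
            path = os.path.join(dirpath, name)
            if not _is_link(path):
                continue
            if name in dirnames:
                dirnames.remove(name)  # never descend through a link
            target = os.path.realpath(path)
            if not _inside(root_real, target):
                findings.append((path, target))
    return sorted(findings)

def constructed_demo():
    """Build a constructed sample tree; return names of flagged links."""
    base = tempfile.mkdtemp()
    config = os.path.join(base, "config")    # stands in for the config directory
    outside = os.path.join(base, "outside")  # stands in for unrelated data
    os.makedirs(config)
    os.makedirs(outside)
    with open(os.path.join(config, "settings.ini"), "w"):
        pass
    # Constructed link that leaves the directory: should be flagged.
    os.symlink(outside, os.path.join(config, "cache"))
    # Constructed link that stays inside the directory: should not be flagged.
    os.symlink(os.path.join(config, "settings.ini"),
               os.path.join(config, "current.ini"))
    return [os.path.basename(link) for link, _ in find_escaping_links(config)]

if __name__ == "__main__":
    print(constructed_demo())
```

Any entry this reports in a user-writable directory deserves review before a privileged process deletes that directory's contents.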

Added: Nov 7, 2025, 10:18 PM
Updated: Nov 7, 2025, 10:18 PM

Vulnerability Rating

Custom Algorithm
spread: 8.4
impact: 3.1
exploitability: 2.9
remediation: 7.0
relevance: 1.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.