CVE-2023-30585

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 28, 2023
Updated: Dec 2, 2023

Summary

CVE-2023-30585 is a vulnerability affecting the Node.js installation process on Windows systems, specifically those using the .msi installer. During the repair operation, the "msiexec.exe" process, which runs under the NT AUTHORITY\SYSTEM context, encounters an issue when the %USERPROFILE% environment variable, referenced from the current user's registry, does not exist. In response, the process creates the specified path in an unsafe manner, potentially leading to the creation of arbitrary folders in unintended locations. The severity of this vulnerability is heightened due to the ability of standard users to manipulate the %USERPROFILE% environment variable in the Windows registry. Unprivileged actors, including malicious entities or trojans, can exploit this vulnerability to deceive the privileged process and create folders in potentially malicious locations. This issue only affects Windows users installing Node.js via the .msi installer.
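A defender-side check for the condition described above, added here as an example and not taken from the advisory or the Node.js project: before running an .msi repair, compare the user-controlled USERPROFILE value with the profile path Windows recorded for the account. It assumes the value lives under `HKCU\Environment` or `HKCU\Volatile Environment` (the summary says only "the current user's registry"), and `Test-UserProfileValue` is a hypothetical helper name.

```powershell
# Added example: audit the per-user USERPROFILE value before an MSI repair.
# Assumption: the installer resolves %USERPROFILE% from one of the HKCU keys
# listed below; the advisory does not name the exact key.

function Test-UserProfileValue {
    param(
        [string]$Value,         # USERPROFILE value found in the registry (may be empty)
        [string]$ExpectedPath   # ProfileImagePath recorded for the account
    )
    if ([string]::IsNullOrWhiteSpace($Value)) { return 'NotSet' }
    $expanded = [Environment]::ExpandEnvironmentVariables($Value).TrimEnd('\')
    # A path that does not exist is the precondition the summary describes.
    if (-not (Test-Path -LiteralPath $expanded -PathType Container)) { return 'MissingPath' }
    # -ne is case-insensitive for strings, which matches Windows path semantics.
    if ($expanded -ne $ExpectedPath.TrimEnd('\')) { return 'Mismatch' }
    return 'Ok'
}

# The profile path Windows itself recorded for the current account (HKLM, not user-writable).
$sid        = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
$profileKey = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$sid"
$expected   = (Get-ItemProperty -LiteralPath $profileKey -Name ProfileImagePath).ProfileImagePath

foreach ($key in 'HKCU:\Environment', 'HKCU:\Volatile Environment') {
    $value = (Get-ItemProperty -LiteralPath $key -Name USERPROFILE -ErrorAction SilentlyContinue).USERPROFILE
    [pscustomobject]@{
        Key      = $key
        Value    = $value
        Expected = $expected
        Status   = Test-UserProfileValue -Value $value -ExpectedPath $expected
    }
}
```

Run it in the session of the account that will start the repair; a status of `MissingPath` or `Mismatch` should be resolved before `msiexec.exe` runs.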
