CVE-2024-0219 – Privilege Elevation via Telerik JustDecompile Installer

https://notcve.org/view.php?id=CVE-2024-0219

31 Jan 2024 — In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the applications installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system. En las versiones de Telerik JustDecompile anteriores a 2024 R1, se identificó una vulnerabilidad de elevación de privilegios en el componente ... • https://docs.telerik.com/devtools/justdecompile/knowledge-base/legacy-installer-vulnerability • CWE-269: Improper Privilege Management •