cvedb.io
CVE-2018-13013
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2018-06-29T15:29:00.317 · Last modified 2026-06-17T01:38:42.467

Summary

Improper check of unusual conditions when launching msiexec.exe in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.9 allows the local attacker to bypass a code-signing protection mechanism and install/execute an unauthorized program by modifying the system configuration and installing a forged MSI file. (The intended behavior is that the component SysWatch does not allow installation of MSI files unless they are signed by a limited list of certificates.)

Affected products

safensoft — enterprise_suite

Does this affect you?

Add your gear to cvedb and we'll alert you only when safensoft ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.