4.4.2

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

scootersoftware

NVD

Published: 2022-07-23

Updated: 2022-08-02

Summary

There is an elevation of privilege breakout vulnerability in the Windows EXE installer in Scooter Beyond Compare 4.2.0 through 4.4.2 before 4.4.3. Affected versions allow a logged-in user to run applications with elevated privileges via the Clipboard Compare tray app after installation.

Vulnerable Configurations

Part	Description	Count
Application	Scootersoftware Scootersoftware Beyond Compare 4.2.0 Scootersoftware Beyond Compare 4.4.2	2

References

https://www.scootersoftware.com/support.php?zz=kb_security_2022-01