CVE-2022-36414: 
Beyond Compare vulnerability analysis and mitigation

CVE-2022-36414 is an elevation of privilege breakout vulnerability affecting Scooter Beyond Compare versions 4.2.0 through 4.4.2 before version 4.4.3. The vulnerability exists in the Windows EXE installer component of the software, which allows logged-in users to run applications with elevated privileges through the Clipboard Compare tray app after installation (CVE List, Scooter Software).

When the installer is run with SYSTEM privileges, the Clipboard Compare tray app runs with elevated permissions after installation. This allows a standard user to launch Beyond Compare from the tray app with SYSTEM privileges, and subsequently launch a command prompt from Beyond Compare with SYSTEM privileges. The elevation only occurs in the login session that is active during installation - for future logins, the Clipboard Compare runs with normal user privileges (Scooter Software).

The vulnerability allows standard users to gain SYSTEM-level privileges through the Clipboard Compare tray app, effectively enabling privilege escalation on affected systems. This could potentially allow unauthorized users to execute commands with the highest system privileges (Scooter Software).

The vulnerability has been patched in version 4.4.3 of the software. Users should update to this version or newer and use the /SILENT or /VERYSILENT command line switches during installation to prevent the Clipboard Compare tray app from launching after installation (Scooter Software).