CVE-2024-24810: 
C# vulnerability analysis and mitigation

The WiX toolset, which allows developers to create installers for Windows Installer, contains a security vulnerability identified as CVE-2024-24810. The vulnerability was discovered in the .be TEMP folder implementation and affects any installer built with the WiX installer framework. This issue was disclosed on February 7, 2024, and has been patched in version 4.0.4 and 3.14.0 (GitHub Advisory).

The vulnerability exists when the bundle is not run as admin, causing the user's TEMP folder to be used instead of the system TEMP folder. An attacker can monitor the user's TEMP folder for changes and exploit DLL redirection by dropping a malicious DLL into the .be/.Local folder immediately when the .be folder is created. The vulnerability has been assigned a CVSS v3.1 base score of 8.3 (High), with the following metrics: Attack Vector: Local, Attack Complexity: Low, Privileges Required: Low, User Interaction: Required, Scope: Changed, and Impact levels (Confidentiality, Integrity, Availability) all rated as High (GitHub Advisory).

When exploited, this vulnerability allows attackers to escalate privileges through DLL redirection utilizing the .exe.Local Windows capability. When the burn engine elevates, the malicious DLL receives elevated privileges, potentially giving attackers high-level access to the system (GitHub Advisory).

The vulnerability has been patched in WiX toolset versions 4.0.4 and 3.14.0. Users are advised to upgrade to these patched versions to protect against this security issue (GitHub Advisory).