GHSA-8v28-3g86-chj5: 
C# vulnerability analysis and mitigation

A high-severity vulnerability (GHSA-8v28-3g86-chj5, CVE-2024-24810) was discovered in PanelSwWix4.Sdk affecting versions below 5.0.0-psw-wix.0251-40. The vulnerability involves the .be TEMP folder being susceptible to DLL redirection attacks, potentially allowing attackers to escalate privileges. This security issue was published and reviewed on February 8, 2024, impacting any installer built with the WiX installer framework (GitHub Advisory).

The vulnerability occurs when the bundle is executed without admin privileges, causing it to use the user's TEMP folder instead of the system TEMP folder. The issue has been assigned a CVSS score of 8.3 (High), with the following characteristics: Local attack vector, Low attack complexity, Low privileges required, User interaction required, Changed scope, and High impact on confidentiality, integrity, and availability. The vulnerability is tracked as CWE-426 (GitHub Advisory).

The vulnerability enables DLL redirection attacks utilizing the .exe.Local Windows capability, affecting any installer built with the WiX installer framework. When successfully exploited, it allows attackers to gain elevated privileges through malicious DLL injection (GitHub Advisory).

The vulnerability has been patched in version 5.0.0-psw-wix.0251-40 of PanelSwWix4.Sdk. Users are advised to upgrade to this version or later to mitigate the security risk (GitHub Advisory).