Vulnerability Description
Potential Denial of Service issue in all supported versions of Revenera InstallShield version 2025 R1, 2024 R2, 2023 R2, and prior. When e.g., a local administrator performs an uninstall, a symlink may get followed on removal of a user writeable configuration directory and induce a Denial of Service as a result. The issue is resolved through the hotfixes InstallShield2025R1-CVE-2025-12418-SecurityPatch, InstallShield2024R2-CVE-2025-12418-SecurityPatch, and InstallShield2023R2-CVE-2025-12418-SecurityPatch.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-12418?
CVE-2025-12418 is a documented vulnerability. Potential Denial of Service issue in all supported versions of Revenera InstallShield version 2025 R1, 2024 R2, 2023 R2, and prior. When e.g., a local administrator performs an uninstall, a symlink ma...
How severe is CVE-2025-12418?
CVSS scoring is not yet available for CVE-2025-12418. Check NVD for updates.
Is there a patch for CVE-2025-12418?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.