CVE-2018-12989

The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26 mishandles child processes and consequently launches Internet Explorer or Microsoft Edge as Administrator, which allows local users to gain privileges.
References
Configurations

Configuration 1

cpe:2.3:a:pearsonvue:iqsystem_7:*:*:*:*:*:*:*:*
cpe:2.3:a:pearsonvue:console_8:*:*:*:*:*:*:*:*

Information

Published : 2018-08-03 06:29

Updated : 2019-10-03 12:03


NVD link : CVE-2018-12989

Mitre link : CVE-2018-12989

Products Affected
No products.
CWE
CWE-281

Improper Preservation of Permissions