Skip to main content

Inno Setup CVE-2025-15595

HIGH
Weak Authentication (CWE-1390)
2026-03-03 db4dfee8-a97e-4877-bfae-eba6d14a2166
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:05 vuln.today
CVE Published
Mar 03, 2026 - 07:16 nvd
HIGH 7.8

DescriptionCVE.org

Privilege escalation via dll hijacking in Inno Setup 6.2.1 and ealier versions.

AnalysisAI

A privilege escalation vulnerability in Inno Setup 6.2.1 and earlier versions allows local attackers to gain elevated privileges through DLL hijacking. This vulnerability requires user interaction but no authentication, enabling attackers to execute arbitrary code with higher privileges by placing a malicious DLL in a location searched by the installer. While not currently listed in CISA KEV, the vulnerability has a moderate EPSS score of 0.043% and affects a widely-used Windows installer creation tool.

Technical ContextAI

Inno Setup is a popular free installer for Windows programs, identified by CPE cpe:2.3:a:jrsoftware:inno_setup:*:*:*:*:*:*:*:* for versions up to and including 6.2.1. The vulnerability stems from CWE-1390 (Weak Authentication), though the specific manifestation is through DLL hijacking - a technique where an application loads a malicious DLL from an insecure location instead of the legitimate system DLL. This occurs when the installer searches for required DLLs using an unsafe search order, potentially loading untrusted libraries from user-writable directories before checking secure system locations.

RemediationAI

Upgrade Inno Setup to version 6.2.2 or later, which should contain fixes for this DLL hijacking vulnerability. Until patching is possible, implement application whitelisting to prevent unauthorized DLL loading, ensure installers are only downloaded from trusted sources, and run installation processes with minimal privileges where possible. System administrators should audit and restrict write permissions on directories in the DLL search path, particularly user-writable locations that might be searched before system directories.

Share

CVE-2025-15595 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy