{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-12418","assignerOrgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","state":"PUBLISHED","assignerShortName":"flexera","dateReserved":"2025-10-28T16:09:55.027Z","datePublished":"2025-11-07T21:27:04.650Z","dateUpdated":"2025-11-13T14:26:11.510Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["Windows"],"product":"InstallShield","vendor":"Revenera","versions":[{"changes":[{"at":"InstallShield2023R2-CVE-2025-12418-SecurityPatch","status":"unaffected"}],"lessThanOrEqual":"2023.R2","status":"affected","version":"2023.R1","versionType":"semver"},{"changes":[{"at":"InstallShield2024R2-CVE-2025-12418-SecurityPatch","status":"unaffected"}],"lessThanOrEqual":"2024.R2","status":"affected","version":"2024.R1","versionType":"semver"},{"lessThan":"InstallShield2025R1-CVE-2025-12418-SecurityPatch","status":"affected","version":"2025.R1","versionType":"custom"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:a:revenera:installshield:*:*:windows:*:*:*:*:*","versionEndIncluding":"2023.r2","versionStartIncluding":"2023.r1","vulnerable":true},{"criteria":"cpe:2.3:a:revenera:installshield:*:*:windows:*:*:*:*:*","versionEndIncluding":"2024.r2","versionStartIncluding":"2024.r1","vulnerable":true},{"criteria":"cpe:2.3:a:revenera:installshield:*:*:windows:*:*:*:*:*","versionEndExcluding":"installshield2025r1-cve-2025-12418-securitypatch","versionStartIncluding":"2025.r1","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Potential Denial of Service issue in all supported versions of Revenera InstallShield version 2025 R1, 2024 R2, 2023 R2, and prior. For example, when a local administrator performs an uninstall, a symlink may be followed during removal of a user-writable configuration directory, resulting in a Denial of Service. \nThe issue is resolved through the hotfixes&nbsp;InstallShield2025R1-CVE-2025-12418-SecurityPatch, <span style=\"background-color: rgb(255, 255, 255);\">InstallShield2024R2-CVE-2025-12418-SecurityPatch, and&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">InstallShield2023R2-CVE-2025-12418-SecurityPatch.</span><br>"}],"value":"Potential Denial of Service issue in all supported versions of Revenera InstallShield version 2025 R1, 2024 R2, 2023 R2, and prior. For example, when a local administrator performs an uninstall, a symlink may be followed during removal of a user-writable configuration directory, resulting in a Denial of Service. The issue is resolved through the hotfixes InstallShield2025R1-CVE-2025-12418-SecurityPatch, InstallShield2024R2-CVE-2025-12418-SecurityPatch, and InstallShield2023R2-CVE-2025-12418-SecurityPatch."}],"impacts":[{"capecId":"CAPEC-132","descriptions":[{"lang":"en","value":"CAPEC-132 Symlink Attack"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"PRESENT","attackVector":"LOCAL","baseScore":5.6,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"ACTIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-59","description":"CWE-59 Improper Link Resolution Before File Access ('Link \nFollowing')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","shortName":"flexera","dateUpdated":"2025-11-07T21:27:04.650Z"},"references":[{"url":"https://community.revenera.com/s/article/CVE-2025-12418-Potential-Unintended-File-Deletion-Issue-Caused-by-InstallShield-Suite-Uninstallation-Process"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Apply hotfixes&nbsp;InstallShield2025R1-CVE-2025-12418-SecurityPatch,&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">InstallShield2024R2-CVE-2025-12418-SecurityPatch, or&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">InstallShield2023R2-CVE-2025-12418-SecurityPatch.</span><br>"}],"value":"Apply hotfixes InstallShield2025R1-CVE-2025-12418-SecurityPatch, InstallShield2024R2-CVE-2025-12418-SecurityPatch, or InstallShield2023R2-CVE-2025-12418-SecurityPatch."}],"source":{"discovery":"UNKNOWN"},"title":"Potential Denial of Service in Supported Versions of Revenera InstallShield","x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-11-13T14:26:00.754643Z","id":"CVE-2025-12418","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-11-13T14:26:11.510Z"}}]}}