Skip to content

Commit

Permalink
fix: CWE-269 Mezmo Agent <= 3.9.0 Local Elevation of Privileges (#554)
Browse files Browse the repository at this point in the history 
- added -NoProfile to ps execution of post install script to avoid execution of current user profile scripts (repair case)

Ref: LOG-17865
  • Loading branch information
@dkhokhlov
dkhokhlov committed Sep 21, 2023
1 parent d28f51a commit 7a62eda
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion packaging/windows/msi/mezmo-agent.wxs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
<Property Id="powershell" Value="powershell.exe" />
<Property Id="KEY" Secure="yes" Value="&lt;YOUR_INGESTION_KEY&gt;"/>
<CustomAction Id="PostInstall"
ExeCommand="-WindowStyle Hidden -ExecutionPolicy Bypass -File &quot;[#PostInstallScript]&quot; -INGESTION_KEY &quot;[KEY]&quot; -INSTALLFOLDER &quot;[INSTALLFOLDER]\&quot; -DATAFOLDER &quot;[DATAFOLDER]\&quot;"
ExeCommand="-WindowStyle Hidden -NoProfile -ExecutionPolicy Bypass -File &quot;[#PostInstallScript]&quot; -INGESTION_KEY &quot;[KEY]&quot; -INSTALLFOLDER &quot;[INSTALLFOLDER]\&quot; -DATAFOLDER &quot;[DATAFOLDER]\&quot;"
Execute="deferred"
Property="powershell"
Impersonate="no"
Expand Down

0 comments on commit 7a62eda

Please sign in to comment.