CVE-2024-42050

The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProvider_Inst.reg. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt