CVE-2024-42051

7.8 HIGH

📋 TL;DR

This vulnerability allows local users on Windows systems to escalate privileges to SYSTEM by exploiting weak permissions in a temporary folder used during Splashtop Streamer installation. It affects users running vulnerable versions of Splashtop Streamer for Windows, potentially enabling unauthorized administrative access.

💻 Affected Systems

Products:
  • Splashtop Streamer for Windows
Versions: before 3.6.2.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists during installation when weak permissions are set on a temporary folder.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker gains full SYSTEM privileges, allowing complete control over the system, data theft, and further malicious activities.

🟠 Likely Case

Local privilege escalation leading to unauthorized administrative access and potential lateral movement within a network.

🟢 If Mitigated

Limited impact if proper access controls and patching are in place, reducing the risk of exploitation.

🌐 Internet-Facing: LOW, as this is a local exploit requiring user access to the system.
🏢 Internal Only: HIGH, as it can be exploited by any local user on affected systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access and involves replacing a file in a weakly permissioned folder.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.6.2.0

Vendor Advisory: https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/20716875636763-Splashtop-Streamer-version-v3-6-2-0-for-Windows-released

Restart Required: Yes

Instructions:

1. Download Splashtop Streamer version 3.6.2.0 or later from the official vendor site.
2. Run the installer to update the software.
3. Restart the system to ensure changes take effect.

🔧 Temporary Workarounds

Restrict Local User Access

Limit local user permissions to reduce the attack surface for privilege escalation.

Use Windows Group Policy to restrict user access to installation directories and temporary folders.

🧯 If You Can't Patch

  • Monitor and audit local user activities for suspicious file modifications in temporary folders.
  • Implement strict access controls and least privilege principles to minimize local user capabilities.

🔍 How to Verify

Check if Vulnerable:

Check the Splashtop Streamer version in the application settings or via the installed programs list in Windows.

Check Version:

wmic product where name='Splashtop Streamer' get version

Verify Fix Applied:

Confirm that the version is 3.6.2.0 or later after updating.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file creation or modification events in temporary folders, especially involving InstRegExp.reg.

Network Indicators:

  • No specific network indicators as this is a local exploit.

SIEM Query:

Event ID 4663 or 4656 in Windows Security logs showing file access to temporary folders by non-admin users.
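
The log indicators above, expressed as triage logic over exported Security-log events (an added example, not vendor or project code). It assumes events were exported as one flat JSON object per line using the 4656/4663 field names; the sample events, SIDs and folder paths are constructed, and excluding only the well-known service SIDs is a stand-in for a real non-admin check.

```python
import json
import ntpath

# Constructed sample events (JSON lines); accounts, SIDs and folder paths are made up.
SAMPLE_EVENTS = r'''
{"EventID": 4663, "SubjectUserSid": "S-1-5-18", "SubjectUserName": "HOST01$", "ObjectName": "C:\\Windows\\Temp\\constructed-dir\\InstRegExp.reg", "AccessMask": "0x2"}
{"EventID": 4663, "SubjectUserSid": "S-1-5-21-1111111111-2222222222-3333333333-1001", "SubjectUserName": "alice", "ObjectName": "C:\\Windows\\Temp\\constructed-dir\\InstRegExp.reg", "AccessMask": "0x2"}
{"EventID": 4663, "SubjectUserSid": "S-1-5-21-1111111111-2222222222-3333333333-1001", "SubjectUserName": "alice", "ObjectName": "C:\\Windows\\Temp\\constructed-dir\\InstRegExp.reg", "AccessMask": "0x1"}
{"EventID": 4656, "SubjectUserSid": "S-1-5-21-1111111111-2222222222-3333333333-1002", "SubjectUserName": "bob", "ObjectName": "C:\\Users\\bob\\AppData\\Local\\Temp\\notes.txt", "AccessMask": "0x2"}
{"EventID": 4624, "SubjectUserSid": "S-1-5-21-1111111111-2222222222-3333333333-1002", "SubjectUserName": "bob"}
'''

WATCHED_FILE = "instregexp.reg"                      # file name from the advisory text
WRITE_BITS = 0x2 | 0x4 | 0x10000 | 0x40000           # WriteData, AppendData, DELETE, WRITE_DAC
SERVICE_SIDS = {"S-1-5-18", "S-1-5-19", "S-1-5-20"}  # SYSTEM, LocalService, NetworkService


def in_temp_folder(path):
    """True when any directory component of the path is named temp or tmp."""
    parts = ntpath.normpath(path).lower().split("\\")
    return any(part in ("temp", "tmp") for part in parts[:-1])


def triage(event):
    """Return a finding for a write-type access to a temp folder by a non-service account."""
    if event.get("EventID") not in (4656, 4663):
        return None
    path = event.get("ObjectName", "")
    mask = int(event.get("AccessMask", "0x0"), 16)
    if not in_temp_folder(path) or not mask & WRITE_BITS:
        return None
    if event.get("SubjectUserSid") in SERVICE_SIDS:
        return None  # assumption: the installer's own writes run as a service account
    # Writes to the named file are the strong signal; other temp writes are noisy.
    hit = ntpath.basename(path).lower() == WATCHED_FILE
    return {"severity": "high" if hit else "low",
            "user": event.get("SubjectUserName"), "path": path, "event_id": event["EventID"]}


def scan(text):
    """Parse JSON lines and return findings, strongest first."""
    events = (json.loads(line) for line in text.splitlines() if line.strip())
    findings = [f for f in map(triage, events) if f]
    return sorted(findings, key=lambda f: f["severity"] != "high")


if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```

Events 4656 and 4663 are only generated when object-access auditing is enabled and the folder carries an auditing entry (SACL), so an empty result on a host without that configuration says nothing.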
