CVE-2023-29187

A Windows user with basic user authorization can exploit a DLL hijacking attack in SapSetup (Software Installation Program) – version 9.0, resulting in a privilege escalation running code as administrator of the very same Windows PC. A successful attack depends on various preconditions beyond the attackers control.

Source: CVE-2023-29187