Unrated severityNVD Advisory· Published Jan 25, 2024· Updated Jun 3, 2025

Insecure Permissions in Splashtop Software Updater

CVE-2023-3181

Description

The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Temp~nsu.tmp and copies itself to it as Au_.exe. The C:\Windows\Temp~nsu.tmp\Au_.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI repair using Splashtop Streamer’s Windows Installer. Since the C:\Windows\Temp~nsu.tmp folder inherits permissions from C:\Windows\Temp and Au_.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Splashtop/Splashtopllm-fuzzy
Splashtop/Splashtop Software Updaterv5
Range: 0

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0015.mdmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000