1E Limited AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

1E Limited AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AV-File parsed local

S-Unclear if Scope change occurs

UI-User Interaction not identified

1E Client installer can perform arbitrary file deletion on protected files.  

A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. A hotfix is available Q23092 that forces the 1E Client to check for a symbolic link or junction and if it finds one refuses to use that path and instead creates a path involving a random GUID.

1E Client installer can perform arbitrary file deletion on protected files.  

A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. 

A hotfix is available from the 1E support portal that forces the 1E Client to check for a symbolic link or junction and if it finds one refuses to use that path and instead creates a path involving a random GUID.

for v8.1 use hotfix Q23097

OR
     *cpe:2.3:a:1e:client:8.1.2.62:*:*:*:*:windows:*:*
     *cpe:2.3:a:1e:client:8.4.1.159:*:*:*:*:windows:*:*
     *cpe:2.3:a:1e:client:9.0.1.88:*:*:*:*:windows:*:*
     *cpe:2.3:a:1e:client:23.7.1.151:*:*:*:*:windows:*:*

NIST AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NIST CWE-59

https://www.1e.com/trust-security-compliance/cve-info/ No Types Assigned

https://www.1e.com/trust-security-compliance/cve-info/ Vendor Advisory