The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26 mishandles child processes and consequently launches Internet Explorer or Microsoft Edge as Administrator, which allows local users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-281,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| pearsonvue | iqsystem_7 | * |
| pearsonvue | console_8 | * |