CapaSystems CapaInstaller before 6.0.101 does not properly assign, modify, or check privileges for an actor who attempts to edit registry values, allowing an attacker to escalate privileges.