Main Vulnerability Database Vulnerabilities #VU63995

Execution with unnecessary privileges in ImageCast X - CVE-2022-1744

Published: June 6, 2022

Vulnerability identifier: #VU63995

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-1744

CWE-ID: CWE-250

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
ImageCast X

Software vendor:
Dominion Voting Systems

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application binary has a setuid bit. An authenticated attacker with physical access can run the affected binary and execute arbitrary code on the system with root privileges.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://ics-cert.us-cert.gov/advisories/icsa-22-154-01

Execution with unnecessary privileges in ImageCast X - CVE-2022-1744

Description

Remediation

External links

Please verify you're human