Incorrect Privilege Assignment in ImageCast X - CVE-2022-1746
Published: June 6, 2022
Vulnerability identifier: #VU63997
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-1746
CWE-ID: CWE-266
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Dominion Voting Systems
Affected software:
ImageCast X
ImageCast X
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to the authentication mechanism used by poll workers to administer voting can expose cryptographic secrets used to protect election information. An authenticated attacker with physical access can gain access to sensitive information and perform privileged actions.
How to mitigate CVE-2022-1746
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.