CVE-2022-1746

2.2.8 INCORRECT PRIVILEGE ASSIGNMENT CWE-266

CVSS 7.6 HIGHEPSS 0.3%CWE-266

The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment.

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected products

Dominion Voting Systems · ImageCast X application Dominion Voting Systems · ImageCast X firmware

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01