CVE-2022-22521

Privilege Escalation in Miele Benchmark Programming Tool

CVSS 7.3 HIGHEPSS 0.5%CWE-732

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with users privileges. An attacker with low privileges may trick a user with administrative privileges to execute these binaries as admin.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected products

Miele · Benchmark Programming Tool

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/166881/Miele-Benchmark-Programming-Tool-1.1.49-1.2.71-Privilege-Escalation.html https://cert.vde.com/en/advisories/VDE-2022-015/http://seclists.org/fulldisclosure/2022/Apr/42 https://www.miele.de/p/miele-benchmark-programming-tool-2296.htm