CVE-2022-1746

2.2.8 INCORRECT PRIVILEGE ASSIGNMENT CWE-266

CVSS 7.6 HIGHEPSS 0.3%CWE-266

The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment.

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Produtos afetados

Dominion Voting Systems · ImageCast X application Dominion Voting Systems · ImageCast X firmware

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01