Main Vulnerability Database Vulnerabilities #VU63992

#VU63992 Hidden functionality in ImageCast X - CVE-2022-1741

Published: June 6, 2022

Vulnerability identifier: #VU63992

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-1741

CWE-ID: CWE-912

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
ImageCast X

Software vendor:
Dominion Voting Systems

Description

The vulnerability allows a local user to compromise vulnerable system

The vulnerability exists due to hidden functionality (backdoor) is present in software within the Terminal Emulator application. An authenticated attacker with physical access can use this functionality to gain elevated privileges on the device and install malicious code.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://ics-cert.us-cert.gov/advisories/icsa-22-154-01