Main Vulnerability Database Vulnerabilities #VU63999

#VU63999 Origin validation error in ImageCast X - CVE-2022-1747

Published: June 6, 2022

Vulnerability identifier: #VU63999

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-1747

CWE-ID: CWE-346

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
ImageCast X

Software vendor:
Dominion Voting Systems

Description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to the authentication mechanism used by voters to activate a voting session is susceptible to forgery. An authenticated attacker with physical access can print an arbitrary number of ballots without authorization.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://ics-cert.us-cert.gov/advisories/icsa-22-154-01