CVE-2022-23104

WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the program Operator Workspace directory, which holds DLL files and executables. A low-privilege attacker could write a malicious DLL file to the Operator Workspace directory to achieve privilege escalation and the permissions of the user running the program.
Configurations

Configuration 1

cpe:2.3:a:win-911:win-911_2021_r2:5.21.17:*:*:*:*:*:*:*
cpe:2.3:a:win-911:win-911_2021_r1:5.21.10:*:*:*:*:*:*:*

Information

Published : 2022-02-24 07:15

Updated : 2022-03-07 06:13


NVD link : CVE-2022-23104

Mitre link : CVE-2022-23104

Products Affected
No products.
CWE
CWE-276

Incorrect Default Permissions