CVE-2022-23922

WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the Program Announcer directory and elevate permissions whenever the program is executed.

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-03	Mitigation Third Party Advisory
https://supportdesk.win911.com/support/solutions/articles/24000074683-win-911-2021-r1-r2-file-permission-vulnerability	Vendor Advisory

Configuration 1

cpe:2.3:a:win-911:win-911_2021_r2:5.21.17:*:*:*:*:*:*:* cpe:2.3:a:win-911:win-911_2021_r1:5.21.10:*:*:*:*:*:*:*

---

Published : 2022-02-24 07:15

Updated : 2022-03-07 06:22

---

NVD link : CVE-2022-23922

Mitre link : CVE-2022-23922

No products.

CWE-276

Incorrect Default Permissions