Common Weakness Enumeration

CWE-250

Allowed

Execution with Unnecessary Privileges

Abstraction: Base · Status: Draft

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

575 vulnerabilities reference this CWE, most recent first.

CVE-2022-27578 (GCVE-0-2022-27578)

Vulnerability from cvelistv5 – Published: 2022-04-11 19:37 – Updated: 2024-08-03 05:32
VLAI
Summary
An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content.
Severity
No CVSS data available.
CWE
Assigner
References
URL Tags
https://sick.com/psirt x_refsource_MISC
Impacted products
Vendor Product Version
n/a SICK Overall Equipment Effectiveness Affected: version 0.5.1
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:32:59.859Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sick.com/psirt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SICK Overall Equipment Effectiveness",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "version 0.5.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-11T19:37:46.000Z",
        "orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
        "shortName": "SICK AG"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sick.com/psirt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@sick.de",
          "ID": "CVE-2022-27578",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SICK Overall Equipment Effectiveness",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "version 0.5.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sick.com/psirt",
              "refsource": "MISC",
              "url": "https://sick.com/psirt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
    "assignerShortName": "SICK AG",
    "cveId": "CVE-2022-27578",
    "datePublished": "2022-04-11T19:37:46.000Z",
    "dateReserved": "2022-03-21T00:00:00.000Z",
    "dateUpdated": "2024-08-03T05:32:59.859Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-24113 (GCVE-0-2022-24113)

Vulnerability from cvelistv5 – Published: 2022-02-04 22:29 – Updated: 2024-09-16 19:57
VLAI
Title
Local privilege escalation due to excessive permissions assigned to child processes
Summary
Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Acronis Acronis Cyber Protect 15 Affected: unspecified , < 28035 (custom)
Create a notification for this product.
Acronis Acronis Agent Affected: unspecified , < 27147 (custom)
Create a notification for this product.
Acronis Acronis Cyber Protect Home Office Affected: unspecified , < 39612 (custom)
Create a notification for this product.
Acronis Acronis True Image 2021 Affected: unspecified , < 39287 (custom)
Create a notification for this product.
Date Public
2022-02-02 00:00
Credits
@penrose (https://hackerone.com/penrose)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:59:23.553Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Windows"
          ],
          "product": "Acronis Cyber Protect 15",
          "vendor": "Acronis",
          "versions": [
            {
              "lessThan": "28035",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Windows"
          ],
          "product": "Acronis Agent",
          "vendor": "Acronis",
          "versions": [
            {
              "lessThan": "27147",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Windows"
          ],
          "product": "Acronis Cyber Protect Home Office",
          "vendor": "Acronis",
          "versions": [
            {
              "lessThan": "39612",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Windows"
          ],
          "product": "Acronis True Image 2021",
          "vendor": "Acronis",
          "versions": [
            {
              "lessThan": "39287",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "@penrose (https://hackerone.com/penrose)"
        }
      ],
      "datePublic": "2022-02-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-04T22:29:30.000Z",
        "orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
        "shortName": "Acronis"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
        }
      ],
      "source": {
        "advisory": "SEC-2881",
        "defect": [
          "SEC-2881"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Local privilege escalation due to excessive permissions assigned to child processes",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@acronis.com",
          "DATE_PUBLIC": "2022-02-02T00:00:00.000Z",
          "ID": "CVE-2022-24113",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation due to excessive permissions assigned to child processes"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Acronis Cyber Protect 15",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Windows",
                            "version_affected": "\u003c",
                            "version_value": "28035"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Acronis Agent",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Windows",
                            "version_affected": "\u003c",
                            "version_value": "27147"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Acronis Cyber Protect Home Office",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Windows",
                            "version_affected": "\u003c",
                            "version_value": "39612"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Acronis True Image 2021",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Windows",
                            "version_affected": "\u003c",
                            "version_value": "39287"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Acronis"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "@penrose (https://hackerone.com/penrose)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-advisory.acronis.com/advisories/SEC-2881",
              "refsource": "MISC",
              "url": "https://security-advisory.acronis.com/advisories/SEC-2881"
            }
          ]
        },
        "source": {
          "advisory": "SEC-2881",
          "defect": [
            "SEC-2881"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
    "assignerShortName": "Acronis",
    "cveId": "CVE-2022-24113",
    "datePublished": "2022-02-04T22:29:30.215Z",
    "dateReserved": "2022-01-28T00:00:00.000Z",
    "dateUpdated": "2024-09-16T19:57:01.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-22239 (GCVE-0-2022-22239)

Vulnerability from cvelistv5 – Published: 2022-10-18 02:46 – Updated: 2025-05-10 02:34
VLAI
Title
Junos OS Evolved: The ssh CLI command always runs as root which can lead to privilege escalation
Summary
An Execution with Unnecessary Privileges vulnerability in Management Daemon (mgd) of Juniper Networks Junos OS Evolved allows a locally authenticated attacker with low privileges to escalate their privileges on the device and potentially remote systems. This vulnerability allows a locally authenticated attacker with access to the ssh operational command to escalate their privileges on the system to root, or if there is user interaction on the local device to potentially escalate privileges on a remote system to root. This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S5-EVO; 21.1-EVO versions prior to 21.1R3-EVO; 21.2-EVO versions prior to 21.2R2-S1-EVO, 21.2R3-EVO; 21.3-EVO versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Evolved Affected: unspecified , < 20.4R3-S5-EVO (custom)
Affected: 21.1-EVO , < 21.1R3-EVO (custom)
Affected: 21.2-EVO , < 21.2R2-S1-EVO, 21.2R3-EVO (custom)
Affected: 21.3-EVO , < 21.3R2-EVO (custom)
Create a notification for this product.
Date Public
2022-10-12 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:07:49.838Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA69895"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-22239",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-10T02:34:04.074427Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-10T02:34:30.513Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.4R3-S5-EVO",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "21.1R3-EVO",
              "status": "affected",
              "version": "21.1-EVO",
              "versionType": "custom"
            },
            {
              "lessThan": "21.2R2-S1-EVO, 21.2R3-EVO",
              "status": "affected",
              "version": "21.2-EVO",
              "versionType": "custom"
            },
            {
              "lessThan": "21.3R2-EVO",
              "status": "affected",
              "version": "21.3-EVO",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-10-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Execution with Unnecessary Privileges vulnerability in Management Daemon (mgd) of Juniper Networks Junos OS Evolved allows a locally authenticated attacker with low privileges to escalate their privileges on the device and potentially remote systems. This vulnerability allows a locally authenticated attacker with access to the ssh operational command to escalate their privileges on the system to root, or if there is user interaction on the local device to potentially escalate privileges on a remote system to root. This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S5-EVO; 21.1-EVO versions prior to 21.1R3-EVO; 21.2-EVO versions prior to 21.2R2-S1-EVO, 21.2R3-EVO; 21.3-EVO versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-18T00:00:00.000Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "url": "https://kb.juniper.net/JSA69895"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 20.4R3-S5-EVO, 21.1R3-EVO, 21.2R2-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA69895",
        "defect": [
          "1621892"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS Evolved: The ssh CLI command always runs as root which can lead to privilege escalation",
      "workarounds": [
        {
          "lang": "en",
          "value": "A workaround for this issue is to modify the applicable login class(es) so that the ssh command can not be accessed anymore. This can be done by removing the \u0027network\u0027 permission or modifying the resp. allow-/deny-commands configuration."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2022-22239",
    "datePublished": "2022-10-18T02:46:41.384Z",
    "dateReserved": "2021-12-21T00:00:00.000Z",
    "dateUpdated": "2025-05-10T02:34:30.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-21699 (GCVE-0-2022-21699)

Vulnerability from cvelistv5 – Published: 2022-01-19 21:15 – Updated: 2025-04-22 18:33
VLAI
Title
Execution with Unnecessary Privileges in ipython
Summary
IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
  • CWE-279 - Incorrect Execution-Assigned Permissions
Assigner
Impacted products
Vendor Product Version
ipython ipython Affected: < 5.11
Affected: >= 6.0.0, < 7.16.3
Affected: >= 7.17.0, < 7.31.1
Affected: >= 8.0.0, < 8.0.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:53:34.751Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699"
          },
          {
            "name": "[debian-lts-announce] 20220124 [SECURITY] [DLA 2896-1] ipython security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00021.html"
          },
          {
            "name": "FEDORA-2022-b58d156ab0",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRQRTWHYXMLDJ572VGVUZMUPEOTPM3KB/"
          },
          {
            "name": "FEDORA-2022-b9e38f8a56",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZ7LVZBB4D7KVSFNEQUBEHFO3JW6D2ZK/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-21699",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-22T15:45:17.424524Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-22T18:33:01.284Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ipython",
          "vendor": "ipython",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 5.11"
            },
            {
              "status": "affected",
              "version": "\u003e= 6.0.0, \u003c 7.16.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.17.0, \u003c 7.31.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0, \u003c 8.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250: Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-279",
              "description": "CWE-279: Incorrect Execution-Assigned Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-12T02:06:46.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699"
        },
        {
          "name": "[debian-lts-announce] 20220124 [SECURITY] [DLA 2896-1] ipython security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00021.html"
        },
        {
          "name": "FEDORA-2022-b58d156ab0",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRQRTWHYXMLDJ572VGVUZMUPEOTPM3KB/"
        },
        {
          "name": "FEDORA-2022-b9e38f8a56",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZ7LVZBB4D7KVSFNEQUBEHFO3JW6D2ZK/"
        }
      ],
      "source": {
        "advisory": "GHSA-pq7m-3gw7-gq5x",
        "discovery": "UNKNOWN"
      },
      "title": "Execution with Unnecessary Privileges in ipython",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-21699",
          "STATE": "PUBLIC",
          "TITLE": "Execution with Unnecessary Privileges in ipython"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ipython",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 5.11"
                          },
                          {
                            "version_value": "\u003e= 6.0.0, \u003c 7.16.3"
                          },
                          {
                            "version_value": "\u003e= 7.17.0, \u003c 7.31.1"
                          },
                          {
                            "version_value": "\u003e= 8.0.0, \u003c 8.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ipython"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250: Execution with Unnecessary Privileges"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-279: Incorrect Execution-Assigned Permissions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x",
              "refsource": "CONFIRM",
              "url": "https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x"
            },
            {
              "name": "https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668",
              "refsource": "MISC",
              "url": "https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668"
            },
            {
              "name": "https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699",
              "refsource": "MISC",
              "url": "https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699"
            },
            {
              "name": "[debian-lts-announce] 20220124 [SECURITY] [DLA 2896-1] ipython security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00021.html"
            },
            {
              "name": "FEDORA-2022-b58d156ab0",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRQRTWHYXMLDJ572VGVUZMUPEOTPM3KB/"
            },
            {
              "name": "FEDORA-2022-b9e38f8a56",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DZ7LVZBB4D7KVSFNEQUBEHFO3JW6D2ZK/"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-pq7m-3gw7-gq5x",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-21699",
    "datePublished": "2022-01-19T21:15:11.000Z",
    "dateReserved": "2021-11-16T00:00:00.000Z",
    "dateUpdated": "2025-04-22T18:33:01.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-20676 (GCVE-0-2022-20676)

Vulnerability from cvelistv5 – Published: 2022-04-15 14:16 – Updated: 2024-09-16 18:54
VLAI
Title
Cisco IOS XE Software Tool Command Language Privilege Escalation Vulnerability
Summary
A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation of data that is passed into the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root. By default, Tcl shell access requires privilege level 15.
CWE
Assigner
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
Impacted products
Date Public
2022-04-13 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:17:53.170Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220413 Cisco IOS XE Software Tool Command Language Privilege Escalation Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-grbtubU"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation of data that is passed into the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root. By default, Tcl shell access requires privilege level 15."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-15T14:16:53.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220413 Cisco IOS XE Software Tool Command Language Privilege Escalation Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-grbtubU"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxe-priv-esc-grbtubU",
        "defect": [
          [
            "CSCvy35833"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XE Software Tool Command Language Privilege Escalation Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-13T16:00:00",
          "ID": "CVE-2022-20676",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XE Software Tool Command Language Privilege Escalation Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XE Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation of data that is passed into the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root. By default, Tcl shell access requires privilege level 15."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.1",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220413 Cisco IOS XE Software Tool Command Language Privilege Escalation Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-grbtubU"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxe-priv-esc-grbtubU",
          "defect": [
            [
              "CSCvy35833"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20676",
    "datePublished": "2022-04-15T14:16:53.321Z",
    "dateReserved": "2021-11-02T00:00:00.000Z",
    "dateUpdated": "2024-09-16T18:54:55.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-3088 (GCVE-0-2022-3088)

Vulnerability from cvelistv5 – Published: 2022-11-22 00:00 – Updated: 2025-04-16 17:42
VLAI
Summary
UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12,&nbsp;UC-3100 System Image: Versions v1.0 to v1.6,&nbsp;UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa's ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
Date Public
2022-11-22 00:00
Credits
En Garde ICSRange research team reported this vulnerability to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:00:10.008Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-05"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-3088",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T17:25:51.797778Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T17:42:25.272Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "UC-8100A-ME-T System Imaage",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.6",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "UC-2100 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.12",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "UC-2100-W System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.12",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "UC-3100 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.6",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "UC-5100 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.4",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "UC-8100 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "3.5",
              "status": "affected",
              "version": "3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "UC-8100-ME-T System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "3.1",
              "status": "affected",
              "version": "3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "UC-8200 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.5",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "AIG-300 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.4",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "UC-8410A with Debian 9 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "status": "affected",
              "version": "4.0.2 and 4.1.2"
            }
          ]
        },
        {
          "product": "UC-8580 with Debian 9 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "status": "affected",
              "version": "2.0 and 2.1"
            }
          ]
        },
        {
          "product": "UC-8540 with Debian 9 System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "status": "affected",
              "version": "2.0 and 2.1"
            }
          ]
        },
        {
          "product": "DA-662C-16-LX (GLB) System Image",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.1.2",
              "status": "affected",
              "version": "1.0.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "En Garde ICSRange research team reported this vulnerability to CISA. "
        }
      ],
      "datePublic": "2022-11-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12,\u0026nbsp;UC-3100 System Image: Versions v1.0 to v1.6,\u0026nbsp;UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa\u0027s ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-07T00:00:00.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-05"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Moxa developed updates to address this vulnerability. Users should follow the instructions in Moxa\u0027s security advisory to update their system image.  "
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-3088",
    "datePublished": "2022-11-22T00:00:00.000Z",
    "dateReserved": "2022-09-01T00:00:00.000Z",
    "dateUpdated": "2025-04-16T17:42:25.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-2634 (GCVE-0-2022-2634)

Vulnerability from cvelistv5 – Published: 2022-08-09 20:18 – Updated: 2025-04-16 16:13
VLAI
Title
Digi ConnectPort X2D
Summary
An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
References
Impacted products
Vendor Product Version
Digi ConnectPort X2D Affected: All manufactured prior to 01/2020
Create a notification for this product.
Date Public
2022-08-04 00:00
Credits
Aarón Flecha of S21sec reported this vulnerability to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:46:03.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-216-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2634",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:53:46.897152Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:13:37.837Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ConnectPort X2D",
          "vendor": "Digi",
          "versions": [
            {
              "status": "affected",
              "version": "All manufactured prior to 01/2020"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Aar\u00f3n Flecha of S21sec reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2022-08-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-09T20:18:31.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-216-01"
        }
      ],
      "source": {
        "advisory": "ICSA-22-216-01",
        "discovery": "EXTERNAL"
      },
      "title": "Digi ConnectPort X2D",
      "workarounds": [
        {
          "lang": "en",
          "value": "Digi International indicated this vulnerability does not exist in ConnectPort gateways manufactured after January 2020. It is recommended to contact Digi International support for assistance with impacted devices manufactured prior to January 2020."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2022-08-04T17:00:00.000Z",
          "ID": "CVE-2022-2634",
          "STATE": "PUBLIC",
          "TITLE": "Digi ConnectPort X2D"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ConnectPort X2D",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "All",
                            "version_value": "manufactured prior to 01/2020"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Digi"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Aar\u00f3n Flecha of S21sec reported this vulnerability to CISA."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250 Execution with Unnecessary Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-216-01",
              "refsource": "MISC",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-216-01"
            }
          ]
        },
        "source": {
          "advisory": "ICSA-22-216-01",
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Digi International indicated this vulnerability does not exist in ConnectPort gateways manufactured after January 2020. It is recommended to contact Digi International support for assistance with impacted devices manufactured prior to January 2020."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-2634",
    "datePublished": "2022-08-09T20:18:31.257Z",
    "dateReserved": "2022-08-02T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:13:37.837Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1808 (GCVE-0-2022-1808)

Vulnerability from cvelistv5 – Published: 2022-05-31 22:00 – Updated: 2024-08-03 00:16
VLAI
Title
Execution with Unnecessary Privileges in polonel/trudesk
Summary
Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3.
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
References
Impacted products
Vendor Product Version
polonel polonel/trudesk Affected: unspecified , < 1.2.3 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:16:59.940Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/9-polonel/trudesk"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/polonel/trudesk/commit/f739eac6fc52adc0cba83a49034100e5b99ac7c8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "polonel/trudesk",
          "vendor": "polonel",
          "versions": [
            {
              "lessThan": "1.2.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-31T22:00:13.000Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/9-polonel/trudesk"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/polonel/trudesk/commit/f739eac6fc52adc0cba83a49034100e5b99ac7c8"
        }
      ],
      "source": {
        "advisory": "9-polonel/trudesk",
        "discovery": "EXTERNAL"
      },
      "title": "Execution with Unnecessary Privileges in polonel/trudesk",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2022-1808",
          "STATE": "PUBLIC",
          "TITLE": "Execution with Unnecessary Privileges in polonel/trudesk"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "polonel/trudesk",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "1.2.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "polonel"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250 Execution with Unnecessary Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://huntr.dev/bounties/9-polonel/trudesk",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/9-polonel/trudesk"
            },
            {
              "name": "https://github.com/polonel/trudesk/commit/f739eac6fc52adc0cba83a49034100e5b99ac7c8",
              "refsource": "MISC",
              "url": "https://github.com/polonel/trudesk/commit/f739eac6fc52adc0cba83a49034100e5b99ac7c8"
            }
          ]
        },
        "source": {
          "advisory": "9-polonel/trudesk",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2022-1808",
    "datePublished": "2022-05-31T22:00:13.000Z",
    "dateReserved": "2022-05-20T00:00:00.000Z",
    "dateUpdated": "2024-08-03T00:16:59.940Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1744 (GCVE-0-2022-1744)

Vulnerability from cvelistv5 – Published: 2022-06-24 15:00 – Updated: 2025-04-17 18:47
VLAI
Title
2.2.6 EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250
Summary
Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Date Public
2022-06-03 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:16:59.878Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "PHYSICAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.8,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-1744",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-17T17:45:48.589384Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-17T18:47:17.814Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ImageCast X application",
          "vendor": "Dominion Voting System",
          "versions": [
            {
              "status": "affected",
              "version": "Version 5.5-A Versions 5.5.10.30 and 5.5.10.32"
            }
          ]
        },
        {
          "product": "ImageCast X firmware",
          "vendor": "Dominion Voting System",
          "versions": [
            {
              "status": "affected",
              "version": "Version 5.5-A"
            }
          ]
        }
      ],
      "datePublic": "2022-06-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-24T15:00:23.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "2.2.6    EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "",
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "20220603T06:00:00.000000Z",
          "ID": "CVE-2022-1744",
          "STATE": "PUBLIC",
          "TITLE": "2.2.6    EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageCast X application",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "Version 5.5-A",
                            "version_value": "Versions 5.5.10.30 and 5.5.10.32"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Dominion Voting System"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ImageCast X firmware",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "",
                            "version_value": "Version 5.5-A"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Dominion Voting System"
              }
            ]
          }
        },
        "credit": [],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01",
              "refsource": "MISC",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01"
            }
          ]
        },
        "solution": [],
        "source": {
          "advisory": "",
          "defect": [],
          "discovery": "UNKNOWN"
        },
        "work_around": []
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-1744",
    "datePublished": "2022-06-24T15:00:23.804Z",
    "dateReserved": "2022-05-16T00:00:00.000Z",
    "dateUpdated": "2025-04-17T18:47:17.814Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-1517 (GCVE-0-2022-1517)

Vulnerability from cvelistv5 – Published: 2022-06-24 15:00 – Updated: 2025-04-16 16:17
VLAI
Title
3.2.1 EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250
Summary
LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this vulnerability to access APIs not intended for general use and interact through the network.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Date Public
2022-06-02 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:10:02.759Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-153-02"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-1517",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T15:54:32.128012Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T16:17:11.157Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NextSeq 550Dx",
          "vendor": "Illumina",
          "versions": [
            {
              "status": "affected",
              "version": "LRM Versions 1.3 to 3.1"
            }
          ]
        },
        {
          "product": "MiSeq Dx",
          "vendor": "Illumina",
          "versions": [
            {
              "status": "affected",
              "version": "LRM Versions 1.3 to 3.1"
            }
          ]
        },
        {
          "product": "NextSeq 500 Instrument",
          "vendor": "Illumina",
          "versions": [
            {
              "status": "affected",
              "version": "LRM Versions 1.3 to 3.1"
            }
          ]
        },
        {
          "product": "NextSeq 550 Instrument",
          "vendor": "Illumina",
          "versions": [
            {
              "status": "affected",
              "version": "LRM Versions 1.3 to 3.1"
            }
          ]
        },
        {
          "product": "MiSeq Instrument",
          "vendor": "Illumina",
          "versions": [
            {
              "status": "affected",
              "version": "LRM Versions 1.3 to 3.1"
            }
          ]
        },
        {
          "product": "iSeq 100 Instrument",
          "vendor": "Illumina",
          "versions": [
            {
              "status": "affected",
              "version": "LRM Versions 1.3 to 3.1"
            }
          ]
        },
        {
          "product": "MiniSeq Instrument",
          "vendor": "Illumina",
          "versions": [
            {
              "status": "affected",
              "version": "LRM Versions 1.3 to 3.1"
            }
          ]
        }
      ],
      "datePublic": "2022-06-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this vulnerability to access APIs not intended for general use and interact through the network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "cwe-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-24T15:00:12.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-153-02"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "3.2.1 EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "",
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "20220602T06:00:00.000000Z",
          "ID": "CVE-2022-1517",
          "STATE": "PUBLIC",
          "TITLE": "3.2.1 EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NextSeq 550Dx",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "",
                            "version_value": "LRM Versions 1.3 to 3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Illumina"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MiSeq Dx",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "",
                            "version_value": "LRM Versions 1.3 to 3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Illumina"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NextSeq 500 Instrument",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "",
                            "version_value": "LRM Versions 1.3 to 3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Illumina"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NextSeq 550 Instrument",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "",
                            "version_value": "LRM Versions 1.3 to 3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Illumina"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MiSeq Instrument",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "",
                            "version_value": "LRM Versions 1.3 to 3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Illumina"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "iSeq 100 Instrument",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "",
                            "version_value": "LRM Versions 1.3 to 3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Illumina"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MiniSeq Instrument",
                      "version": {
                        "version_data": [
                          {
                            "platform": "",
                            "version_affected": "=",
                            "version_name": "",
                            "version_value": "LRM Versions 1.3 to 3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Illumina"
              }
            ]
          }
        },
        "credit": [],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected produc. An attacker could also exploit this vulnerability to access APIs not intended for general use and interact through the network."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "cwe-250"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-153-02",
              "refsource": "MISC",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-153-02"
            }
          ]
        },
        "solution": [],
        "source": {
          "advisory": "",
          "defect": [],
          "discovery": "UNKNOWN"
        },
        "work_around": []
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-1517",
    "datePublished": "2022-06-24T15:00:12.934Z",
    "dateReserved": "2022-04-28T00:00:00.000Z",
    "dateUpdated": "2025-04-16T16:17:11.157Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

Mitigation MIT-18
Architecture and Design

Strategy: Separation of Privilege

Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.

Mitigation MIT-18
Architecture and Design

Strategy: Attack Surface Reduction

Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.

Mitigation
Implementation

Perform extensive input validation for any privileged code that must be exposed to the user and reject anything that does not fit your strict requirements.

Mitigation MIT-19
Implementation

When dropping privileges, ensure that they have been dropped successfully to avoid CWE-273. As protection mechanisms in the environment get stronger, privilege-dropping calls may fail even if it seems like they would always succeed.

Mitigation
Implementation

If circumstances force you to run with extra privileges, then determine the minimum access level necessary. First identify the different permissions that the software and its users will need to perform their actions, such as file read and write permissions, network socket permissions, and so forth. Then explicitly allow those actions while denying all else [REF-76]. Perform extensive input validation and canonicalization to minimize the chances of introducing a separate vulnerability. This mitigation is much more prone to error than dropping the privileges in the first place.

Mitigation MIT-37
Operation System Configuration

Strategy: Environment Hardening

Ensure that the software runs properly under the United States Government Configuration Baseline (USGCB) [REF-199] or an equivalent hardening configuration guide, which many organizations use to limit the attack surface and potential risk of deployed software.

CAPEC-104: Cross Zone Scripting

An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.

CAPEC-470: Expanding Control over the Operating System from the Database

An attacker is able to leverage access gained to the database to read / write data to the file system, compromise the operating system, create a tunnel for accessing the host machine, and use this access to potentially attack other machines on the same network as the database machine. Traditionally SQL injections attacks are viewed as a way to gain unauthorized read access to the data stored in the database, modify the data in the database, delete the data, etc. However, almost every data base management system (DBMS) system includes facilities that if compromised allow an attacker complete access to the file system, operating system, and full access to the host running the database. The attacker can then use this privileged access to launch subsequent attacks. These facilities include dropping into a command shell, creating user defined functions that can call system level libraries present on the host machine, stored procedures, etc.

CAPEC-69: Target Programs with Elevated Privileges

This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.