← Volver a CVEs
CVE-2022-43702
HIGH7.8
Descripcion
When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code.
Detalles CVE
Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado7/27/2023
Ultima modificacion2/13/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
arm:arm_compilerarm:arm_compiler_for_embedded_fusaarm:arm_compiler_for_functional_safetyarm:arm_development_studioarm:ds_development_studioarm:fast_models
Debilidades (CWE)
CWE-284CWE-276
Referencias
https://developer.arm.com/documentation/ka005596/latest(arm-security@arm.com)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html(arm-security@arm.com)
https://developer.arm.com/documentation/ka005596/latest(af854a3a-2127-422b-91ae-364da2661108)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.