3 matches found
CVE-2022-48223
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe is called by the Acuant installer to repair certificates. This call is vulnerable to DLL hijacking due to a race condition and insecure permissions on the executing directory...
CVE-2022-48223
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe is called by the Acuant installer to repair certificates. This call is vulnerable to DLL hijacking due to a race condition and insecure permissions on the executing directory...
CVE-2022-48223
Summary (CVE-2022-48223): A DLL hijacking race condition in Acuant AcuFill SDK (pre-10.22.02.03) during certificate repair via certutil.exe called by the installer. Causes insecure permissions on the executing directory, enabling potential unauthorized code execution or data compromise. Impact de...