CVE-2022-1743

The tested version of Dominion Voting System ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. An attacker could leverage this vulnerability to spread malicious code to ImageCast X devices from the EMS.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 Mitigation Third Party Advisory US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 Mitigation Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dominionvoting:imagecast_x:*:*:*:*:*:*:*:*
cpe:2.3:h:dominionvoting:democracy_suite:5.5-a:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:dominionvoting:imagecast_x:5.5.10.30:*:*:*:*:*:*:*
cpe:2.3:a:dominionvoting:imagecast_x:5.5.10.32:*:*:*:*:*:*:*
cpe:2.3:h:dominionvoting:democracy_suite:5.5-a:*:*:*:*:*:*:*

History

21 Nov 2024, 06:41

Type Values Removed Values Added
References () https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 - Mitigation, Third Party Advisory, US Government Resource () https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 - Mitigation, Third Party Advisory, US Government Resource

06 Jul 2022, 02:04

Type Values Removed Values Added
CPE cpe:2.3:o:dominionvoting:imagecast_x:*:*:*:*:*:*:*:*
cpe:2.3:a:dominionvoting:imagecast_x:5.5.10.32:*:*:*:*:*:*:*
cpe:2.3:a:dominionvoting:imagecast_x:5.5.10.30:*:*:*:*:*:*:*
cpe:2.3:h:dominionvoting:democracy_suite:5.5-a:*:*:*:*:*:*:*
References (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 - (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 - Mitigation, Third Party Advisory, US Government Resource
CVSS v2 : unknown
v3 : unknown
v2 : 7.2
v3 : 6.8

24 Jun 2022, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-06-24 15:15

Updated : 2024-11-21 06:41


NVD link : CVE-2022-1743

Mitre link : CVE-2022-1743

CVE.ORG link : CVE-2022-1743


JSON object : View

Products Affected

dominionvoting

  • imagecast_x
  • democracy_suite
CWE
CWE-24

Path Traversal: '../filedir'