Vulnerability Details CVE-2022-27502
RealVNC VNC Server 6.9.0 through 5.1.0 for Windows allows local privilege escalation because an installer repair operation executes %TEMP% files as SYSTEM.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- https://help.realvnc.com/hc/en-us/articles/360002478311-Are-there-any-known-security-vulnerabilities-#cve-2008-4770-moderate-%E2%80%94-only-affects-vnc-viewer--0-1
- https://realvnc.com
- https://help.realvnc.com/hc/en-us/articles/360002478311-Are-there-any-known-security-vulnerabilities-#cve-2008-4770-moderate-%E2%80%94-only-affects-vnc-viewer--0-1
- https://realvnc.com
Products affected by CVE-2022-27502
-
cpe:2.3:a:realvnc:vnc_server:5.1.0
-
cpe:2.3:a:realvnc:vnc_server:6.8.0
-
cpe:2.3:a:realvnc:vnc_server:6.9.0
-
cpe:2.3:o:microsoft:windows:-