Vulnerability Details CVE-2022-48224
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is installed with insecure permissions (full write access within Program Files). Standard users can replace files within this directory that get executed with elevated privileges, leading to a complete arbitrary code execution (elevation of privileges).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 15.2%
CVSS Severity
CVSS v3 Score 7.3
References
Products affected by CVE-2022-48224
-
cpe:2.3:a:gbgplc:acuant_acufill_sdk:-