PT-2022-14236 · Hypr · Hypr Windows Wfa

Published

2022-07-19

Updated

2022-07-27

CVE-2022-1984

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HYPR Windows WFA versions prior to 7.2

Description The issue is related to an Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) that may allow local authenticated attackers to elevate privileges via a malicious serialized payload.

Recommendations For HYPR Windows WFA versions prior to 7.2, update to version 7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.

Fix

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2022-1984

Affected Products

Hypr Windows Wfa

PT-2022-14236 · Hypr · Hypr Windows Wfa

CVE-2022-1984

Weakness Enumeration

Related Identifiers

Affected Products

References · 6