PT-2022-14287 · Unknown · Power Hal Manager Service

Published

2022-02-09

Updated

2022-02-14

CVE-2022-20040

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions power hal manager service (affected versions not specified)

Description The issue is related to a stack-based buffer overflow in the power hal manager service, which could lead to a permission bypass. This might result in local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2022-20040

Affected Products

Power Hal Manager Service

PT-2022-14287 · Unknown · Power Hal Manager Service

CVE-2022-20040

Weakness Enumeration

Related Identifiers

Affected Products

References · 3