CVE-2022-31218

Name of the Vulnerable Software and Affected Versions Drive Composer (affected versions not specified)

Description The issue allows a low-privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content, provided the file does not already exist. Additionally, the Drive Composer installer file permits a low-privileged user to perform a "repair" operation on the product.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.