PT-2022-21178 · Siemens · Sinema Remote Connect Server

Published: 2022-06-14 · Updated: 2024-07-09 · CVE-2022-32252

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

SINEMA Remote Connect Server versions prior to V3.1

Description

A vulnerability has been identified where the application does not perform integrity checks of update packages. This could allow an admin user to be tricked into installing a malicious package, potentially granting root privileges to an attacker.

Recommendations

For versions prior to V3.1, update to version V3.1 or later to resolve the issue. As a temporary workaround, consider validating update packages manually before installation to minimize the risk of exploitation. Restrict access to the update package installation process to authorized personnel only.

Fix

Weakness Enumeration

Insufficient Verification of Data Authenticity

Related Identifiers

CVE-2022-32252

Affected Products

Sinema Remote Connect Server