PT-2022-22005 · Crestron · Crestron AirMedia Windows Application

Published 2022-09-13 · Updated 2022-09-18 · CVE-2022-34101

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Crestron AirMedia Windows Application version 4.3.1.39

Description

A vulnerability was discovered in the Crestron AirMedia Windows Application, where a user can place a malicious DLL in a certain path to execute code and perform a privilege escalation attack.

Recommendations

For version 4.3.1.39, consider restricting access to the path where the malicious DLL can be placed until a patch is available. As a temporary workaround, monitor the system for any suspicious DLL placements and executions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Uncontrolled Search Path Element

Related Identifiers

CVE-2022-34101

Affected Products

Crestron AirMedia Windows Application