PT-2022-22006 · Crestron · Crestron Airmedia Windows Application
Published
2022-09-13
·
Updated
2022-09-19
·
CVE-2022-34102
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Crestron AirMedia Windows Application version 4.3.1.39
Description
An insufficient access control issue was found in the Crestron AirMedia Windows Application. This issue allows a user to pause the uninstallation of an executable, resulting in the ability to gain a SYSTEM level command prompt.
Recommendations
For Crestron AirMedia Windows Application version 4.3.1.39, consider restricting access to the uninstallation process of executables as a temporary workaround until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Crestron Airmedia Windows Application