CVE-2022-36564

Name of the Vulnerable Software and Affected Versions StrawberryPerl versions 5.32.1.1 and below

Description The issue is related to incorrect access control in the install directory of StrawberryPerl, allowing authenticated attackers to execute arbitrary code by overwriting binaries in the directory. The directory in question is C:Strawberry.

Recommendations For StrawberryPerl versions 5.32.1.1 and below, consider restricting access to the install directory to prevent unauthorized modifications until a patch is available. As a temporary workaround, monitor the directory for any suspicious activity and restrict write access to the binaries located in the directory. At the moment, there is no information about a newer version that contains a fix for this vulnerability.