CVE-2022-38351

Name of the Vulnerable Software and Affected Versions Suprema BioStar (aka Bio Star) 2 version 2.8.16

Description A vulnerability in the software allows attackers to escalate privileges to System Administrator via a crafted PUT request to the "update profile page" API endpoint. This issue enables attackers to gain elevated access, potentially leading to further malicious activities.

Recommendations For Suprema BioStar (aka Bio Star) 2 version 2.8.16, as a temporary workaround, consider restricting access to the update profile page until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.