CVE-2022-43722

Name of the Vulnerable Software and Affected Versions SICAM PAS/PQS versions prior to V7.0

Description A vulnerability has been identified where the affected software does not properly secure a folder containing library files. This could allow an attacker to place a custom malicious DLL in this folder, which is then run with SYSTEM rights when a service is started that requires this DLL. The affected firmware version of the component has already been superseded by succeeding mainline versions.

Recommendations For versions prior to V7.0, update to version V7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the folder containing library files to prevent an attacker from placing a custom malicious DLL.