CVE-2022-1739

Name of the Vulnerable Software and Affected Versions Dominion Voting Systems ImageCast X (affected versions not specified)

Description The issue is related to the incorrect validation of cryptographic signatures in the terminal emulator software of the ImageCast X ballot marking device. This could allow an attacker to execute arbitrary code. The problem arises because the tested version of the device does not validate application signatures to a trusted root certificate, which is crucial for ensuring that software installed on the device can be traced back to or verified against a cryptographic key provided by the manufacturer. This lack of validation could enable an attacker to install malicious code, potentially spreading it to other vulnerable ImageCast X devices via removable media.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.