PT-2022-4582 · Google+1 · Chrome Os+1

Published

2022-08-30

Updated

2024-06-15

CVE-2022-3048

CVSS v2.0

7.1

High

Vector

AV:N/AC:H/Au:N/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions Chrome OS versions prior to 105.0.5195.52

Description The issue is related to an inappropriate implementation of security checks for standard elements in the Chrome OS lockscreen. This could allow a remote attacker to disclose protected information or cause a denial of service. A local attacker with physical access to the device can bypass lockscreen navigation restrictions.

Recommendations For versions prior to 105.0.5195.52, update to version 105.0.5195.52 or later to resolve the issue. As a temporary workaround, consider restricting physical access to devices to minimize the risk of exploitation.

Fix

Incorrect Authorization

Improperly Implemented Security Check for Standard

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863CWE-358

Related Identifiers

ALT-PU-2022-2564

ALT-PU-2022-2611

ALT-PU-2022-2835

ALT-PU-2023-1462

BDU:2022-05459

CVE-2022-3048

DSA-5223-1

MGASA-2022-0318

OPENSUSE-SU-2022:10119-1

OPENSUSE-SU-2022:10120-1

OPENSUSE-SU-2024:12319-1

OPENSUSE-SU-2024:12948-1

Affected Products

Alt Linux

Chrome Os

PT-2022-4582 · Google+1 · Chrome Os+1

CVE-2022-3048

Weakness Enumeration

Related Identifiers

Affected Products

References · 2340