CVE-2022-36403

Name of the Vulnerable Software and Affected Versions Device Software Manager versions prior to 2.20.3.0

Description The issue is related to an untrusted search path vulnerability in the installer of Device Software Manager. This vulnerability can be exploited by an attacker to gain privileges via a Trojan horse DLL in an unspecified directory, potentially allowing the loading of arbitrary files.

Recommendations For versions prior to 2.20.3.0, update to version 2.20.3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the installer to minimize the risk of exploitation.