CVE-2022-48226

Name of the Vulnerable Software and Affected Versions Acuant AcuFill SDK versions prior to 10.22.02.03

Description An issue was discovered in the Acuant AcuFill SDK. During installation, an executable file gets executed out of the C:WindowsTemp directory. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation.

Recommendations For versions prior to 10.22.02.03, modify the permissions to prevent manipulation and restrict access to the C:WindowsTemp directory to prevent a standard user from creating the path file ahead of time. Update to version 10.22.02.03 or later to resolve the issue.