CVE-2022-26235

Published: Oct 6, 2022Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A vulnerability was discovered in the Remisol Advance v2.0.12.1 and below for the Normand Message Server. On installation, the permissions set by Remisol Advance allow non-privileged users to overwrite and/or manipulate executables and libraries that run as the elevated SYSTEM user on Windows.

Affected (1)

Products: Beckmancoulter: Remisol Advance

1 product

Remisol Advance

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Beckmancoulter Remisol Advance	Up to 2.0.12.1

Related CWEs

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (4)

https://pastebin.com/amgw9pE7

Source: cve@mitre.org

Third Party Advisory

https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance

Source: cve@mitre.org

ProductVendor Advisory

https://pastebin.com/amgw9pE7

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance

Source: af854a3a-2127-422b-91ae-364da2661108

ProductVendor Advisory

Timeline

No history available yet.