CVE-2022-40298
- EPSS 0.25%
- Published 23.09.2022 00:15:10
- Last modified 27.05.2025 16:15:27
Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the syst...
CVE-2022-34102
- EPSS 0.39%
- Published 13.09.2022 22:15:09
- Last modified 21.11.2024 07:08:53
Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt.
CVE-2022-34101
- EPSS 0.14%
- Published 13.09.2022 22:15:08
- Last modified 21.11.2024 07:08:52
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.
CVE-2022-34100
- EPSS 0.23%
- Published 13.09.2022 19:15:09
- Last modified 21.11.2024 07:08:52
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service execut...