The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate. Use of a trusted root certificate ensures software installed on a device is traceable to, or verifiable against, a cryptographic key provided by the manufacturer to detect tampering. An attacker could leverage this vulnerability to install malicious code, which could also be spread to other vulnerable ImageCast X devices via removable media.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01 | Mitigation Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2022-06-03T00:00:00
Updated: 2022-06-24T15:00:22
Reserved: 2022-05-16T00:00:00
Link: CVE-2022-1739
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-24T15:15:09.673
Modified: 2022-10-26T15:27:02.943
Link: CVE-2022-1739
JSON object: View
Redhat Information
No data.
CWE