CVE-2022-24387

With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
smartertoolssmartertrack
100.0.8019 ≤
𝑥
< 100.0.8075
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
smartertoolssmartertrack
100.0.8019.x ≤
𝑥
< Build_8075
ADP
Common Weakness Enumeration
References
https://csirt.divd.nl/CVE-2022-24387/
https://csirt.divd.nl/DIVD-2021-00029
https://csirt.divd.nl/DIVD-2021-00029
https://csrit.divd.nl/CVE-2022-24387