CVE-2022-27438 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Vendor	Product	Version
caphyon	advanced_installer	𝑥 < 19.4
3cx	call_flow_designer	18.2.13
3cx	crm_template_generator	2.1.23
boom	boomtv_streamer_portal	2.2.1
codesector	direct_folders	4.0
codesector	teracopy	3.8.5
emeditor	emeditor	21.3.0
flamory	flamory	4.2.19.0
freesnippingtool	free_snipping_tool	5.6.0.0
fxsound	fxsound	1.1.12.0
gainedge	better_explorer	2020.3.15.1304
gamecaster	gamecaster	4.0.2109.2802
getmailbird	mailbird	2.9.50.0
guzogo	guzogo	1.0.5.0
honeygain	honeygain	0.10.7.0
jki	vi_package_manager	21.1.2754
jpsoft	take_command	28.2.18
krylack	archive_password_recovery	3.70.69
krylack	asterisks_password_decryptor	3.31.107
krylack	burning_suite	1.20.05
krylack	rar_password_recovery	3.70.69
krylack	volume_serial_number_editor	2.02.34
krylack	zip_password_recovery	3.70.69
moonsoftware	password_agent	20.10.1
nefarius	scptoolkit	1.6.238.16010
plagiarismcheckerx	plagiarism_checker_x	8.0.6
prusa3d	prusaslicer	2.4.2
realdefense	mycleanid	4.1.4
realdefense	mycleanpc	4.0.2
realdefense	mypasslock	1.9.6
rovio	angry_birds_space	1.4.1
rovio	bad_piggies	1.3.0
synaptics	displaylink_usb_graphics	𝑥 < 10.3.6400.0
urban-vpn	urban_vpn	2.2.5
vigem	vigembus_driver	1.16.116
vpnhood	vpnhood	2.4.299
vrdesktop	virtual_desktop_streamer	1.20.16
xsplit	xsplit_express_video_editor	3.0.2001.801
rstinstruments	vw0420_firmware	1.33.0
rstinstruments	inclinalysis_digital_inclinometer	2.48.9
rstinstruments	ipi_utility	1.05.0
rstinstruments	rstar_rtu_host	1.33.0
rstinstruments	dt2011_firmware	1.19.4.0
rstinstruments	dt2011b_firmware	1.19.4.0
rstinstruments	dt2040_firmware	1.19.4.0
rstinstruments	dt2050_firmware	1.19.4.0
rstinstruments	dt2050b_firmware	1.19.4.0
rstinstruments	dt2055b_firmware	1.19.4.0
rstinstruments	dt2306_firmware	1.19.4.0
rstinstruments	dt2350_firmware	1.19.4.0
rstinstruments	dt2485_firmware	1.19.4.0
rstinstruments	dt4205_firmware	1.19.4.0
rstinstruments	dtsaa_firmware	1.19.4.0
rstinstruments	ic6560_firmware	1.19.4.0
rstinstruments	ic6660_firmware	1.19.4.0
rstinstruments	dtl201b\/2b_firmware	1.19.4.0
rstinstruments	mtcm_firmware	1.19.4.0
rstinstruments	gaa2820_firmware	1.19.4.0
rstinstruments	rtu_firmware	1.19.4.0
rstinstruments	mems_tilt_meter_firmware	1.20.1
rstinstruments	portable_tilt_meter_firmware	1.20.1
rstinstruments	vw2106_firmware	-
rstinstruments	th2016_firmware	1.4.0.2
rstinstruments	th2016b_firmware	1.4.0.2
rstinstruments	ma7_firmware	1.4.0.2
rstinstruments	qb120_firmware	1.4.0.2
rstinstruments	sg350_firmware	1.4.0.2
rstinstruments	ir420_firmware	1.4.0.2
rstinstruments	lp100_firmware	1.4.0.2
rstinstruments	c109_firmware	1.4.0.2

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-494 - Download of Code Without Integrity Check
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

References

http://advanced.com

http://caphyon.com

https://gerr.re/posts/cve-2022-27438/

https://www.advancedinstaller.com/security-updates-auto-updater.html

http://advanced.com

http://caphyon.com

https://gerr.re/posts/cve-2022-27438/

https://www.advancedinstaller.com/security-updates-auto-updater.html