CVE-2022-36220

EUVD-2022-38939
Kiosk breakout (without quit password) in Safe Exam Browser (Windows) <3.4.0, which allows an attacker to achieve code execution via the browsers' print dialog.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
ethzsafe_exam_browser
𝑥
< 3.4.0
𝑥
= Vulnerable software versions
References
https://github.com/SafeExamBrowser/seb-win-refactoring/issues/434
https://safeexambrowser.org/windows/win_release_notes_en.html
https://github.com/SafeExamBrowser/seb-win-refactoring/issues/434
https://safeexambrowser.org/windows/win_release_notes_en.html