CVE-2022-1745

Summary

The authentication mechanism used by technicians on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administrative privileges on a device and install malicious code or perform arbitrary administrative actions.

Affected Software

VendorProductVersion RangeStatus
Dominion Voting SystemsImageCast X applicationVersion 5.5-A Versions 5.5.10.30 and 5.5.10.32affected
Dominion Voting SystemsImageCast X firmwareVersion 5.5-Aaffected

Weaknesses

  • CWE-290: CWE-290 Authentication Bypass by Spoofing

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References