CVE-2022-34405

Summary

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

Affected Software

VendorProductVersion RangeStatus
DellCPG Drivers6.0.9433.1unaffected
DellCPG Drivers6.0.9400.1unaffected
DellCPG Drivers6.0.9394.1unaffected
DellCPG Drivers1.37.275.0unaffected
DellCPG Drivers6.0.9407.1unaffected
DellCPG Drivers6.0.9388.1unaffected
DellCPG Drivers6.0.9254.1unaffected
DellCPG Drivers6.0.9422.1unaffected

Weaknesses

  • CWE-285: CWE-285: Improper Authorization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References