Unrated severityNVD Advisory· Published Dec 22, 2022· Updated Apr 16, 2025
CVE-2022-22753
CVE-2022-22753
Description
A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
47< 91.6+ 3 more
- (no CPE)range: < 91.6
- (no CPE)range: < 97
- (no CPE)range: unspecified
- (no CPE)range: unspecified
< 91.6+ 1 more
- (no CPE)range: < 91.6
- (no CPE)range: unspecified
- osv-coords41 versionspkg:rpm/opensuse/firefox-esr&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Tumbleweedpkg:rpm/suse/MozillaFirefox&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3
< 128.5.1-1.1+ 40 more
- (no CPE)range: < 128.5.1-1.1
- (no CPE)range: < 97.0-1.1
- (no CPE)range: < 91.6.1-8.54.1
- (no CPE)range: < 91.6.0-1.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-78.162.2
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-150.18.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-152.15.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.0-112.89.1
- (no CPE)range: < 91.6.1-8.54.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.