VYPR
Unrated severityNVD Advisory· Published Jun 15, 2022· Updated Apr 23, 2025

Drive Composer Link Following Local Privilege Escalation Vulnerability

CVE-2022-31218

Description

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.

Affected products

5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.