CVE-2022-48223
Description
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe is called by the Acuant installer to repair certificates. This call is vulnerable to DLL hijacking due to a race condition and insecure permissions on the executing directory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Acuant AcuFill SDK before 10.22.02.03 vulnerable to DLL hijacking during SDK repair due to insecure permissions and race condition.
Vulnerability
The vulnerability resides in the Acuant AcuFill SDK prior to version 10.22.02.03. During the SDK repair process, the Acuant installer calls certutil.exe to repair certificates. This call is susceptible to DLL hijacking due to a race condition and insecure permissions on the executing directory, allowing an attacker to place a malicious DLL in the path [1].
Exploitation
An attacker must have local access or be able to write to the directory where the repair process executes. The race condition window allows the attacker to introduce a malicious DLL before certutil.exe loads it. The attacker does not require authentication beyond local user privileges to exploit the insecure permissions [1].
Impact
Successful exploitation results in arbitrary code execution with the privileges of the user running the repair (likely elevated). This could lead to full system compromise, including data exfiltration, installation of malware, or persistence [1].
Mitigation
Upgrade to Acuant AcuFill SDK version 10.22.02.03 or later, which contains the fix for this vulnerability. As of the publication date, no workarounds have been disclosed [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Acuant/AcuFill SDK
- Range: < 10.22.02.03
Patches
No patches discovered yet.
References