VYPR

AirMedia Windows Application

by Crestron

CVEs (3)

  • CVE-2022-34101Sep 13, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.

  • CVE-2022-34102Sep 13, 2022
    risk 0.00cvss epss 0.01

    Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt.

  • CVE-2022-34100Sep 13, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions…