Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.
References
Link | Resource |
---|---|
http://emco.com | Not Applicable |
http://msi.com | Not Applicable |
https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf | Exploit Third Party Advisory |
http://emco.com | Not Applicable |
http://msi.com | Not Applicable |
https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
21 Nov 2024, 06:58
Type | Values Removed | Values Added |
---|---|---|
References | () http://emco.com - Not Applicable | |
References | () http://msi.com - Not Applicable | |
References | () https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf - Exploit, Third Party Advisory |
Information
Published : 2022-05-23 18:16
Updated : 2024-11-21 06:58
NVD link : CVE-2022-28944
Mitre link : CVE-2022-28944
CVE.ORG link : CVE-2022-28944
JSON object : View
Products Affected
emcosoftware
- wakeonlan
- network_inventory
- network_software_scanner
- ping_monitor
- msi_package_builder
- remote_installer
- unlock_it
- remote_shutdown
microsoft
- windows
CWE
CWE-494
Download of Code Without Integrity Check