CVE-2022-1746 — HIGH (7.6) — White Hats Nepal

Vulnerability Description

The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment.

CVSS Score

7.6

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Dominionvoting	Imagecast X	All versions
Dominionvoting	Democracy Suite	5.5-a

Related Weaknesses (CWE)

CWE-266 CWE-863

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01MitigationThird Party AdvisoryUS Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01MitigationThird Party AdvisoryUS Government Resource

FAQ

What is CVE-2022-1746?

CVE-2022-1746 is a vulnerability with a CVSS score of 7.6 (HIGH). The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election informa...

How severe is CVE-2022-1746?

CVE-2022-1746 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-1746?

Check the references section above for vendor advisories and patch information. Affected products include: Dominionvoting Imagecast X, Dominionvoting Democracy Suite.