CVE-2022-43703 — HIGH (7.8)

Q: What is CVE-2022-43703?

CVE-2022-43703 is a vulnerability with a CVSS score of 7.8 (HIGH). An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.

Q: How severe is CVE-2022-43703?

CVE-2022-43703 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-43703?

Check the references section above for vendor advisories and patch information. Affected products include: Arm Arm Development Studio, Arm Ds Development Studio.

Vulnerability Description

An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Arm	Arm Development Studio	All versions
Arm	Ds Development Studio	>= 5.0.0, <= 5.29.3

Related Weaknesses (CWE)

CWE-427

References

FAQ

What is CVE-2022-43703?

CVE-2022-43703 is a vulnerability with a CVSS score of 7.8 (HIGH). An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.

How severe is CVE-2022-43703?

CVE-2022-43703 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-43703?

Check the references section above for vendor advisories and patch information. Affected products include: Arm Arm Development Studio, Arm Ds Development Studio.