CVE-2022-24644

Опубликовано: 10 мар. 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Средний

Описание

ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse.

Ссылки

http://keymouse.com
Product
Vendor Advisory
https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf
Exploit
Third Party Advisory
http://keymouse.com
Product
Vendor Advisory
https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:zzinc:keymouse_firmware:2.02:*:*:*:*:windows:*:*

cpe:2.3:o:zzinc:keymouse_firmware:3.05:*:*:*:*:windows:*:*

cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*

cpe:2.3:h:zzinc:keymouse:-:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10839

Средний

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-494

Связанные уязвимости

GHSA-4gq4-23pp-r535