How severe is CVE-2022-28944?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2022-28944?

This is classified as CWE-494, which is a common weakness in software security.

CVE-2022-28944

HIGH Year: 2022

CVSS v3 Score

8.8

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-494

View all →

Vulnerability Description

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.

CVE-2018-19234

HIGH

CVSS:8.8(High)

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update val...

CWE-4942018

CVE-2018-4009

HIGH

CVSS:8.8(High)

An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their ...

CWE-4942018

CVE-2019-12809

HIGH

CVSS:8.8(High)

Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that could allow remote attackers to download and execute arbitrary files by setting the arguments to the Activ...

CWE-4942019

CVE-2020-1210

HIGH

CVSS:8.8(High)

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnera...

CWE-4942020

CVE-2020-1576

HIGH

CVSS:8.8(High)

CWE-4942020

CVE-2020-1595

HIGH

CVSS:8.8(High)

<p>A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run ...

CWE-4942020

CVE-2022-28944

Vulnerability Description

Related Vulnerabilities

CVE-2018-19234

CVE-2018-4009

CVE-2019-12809

CVE-2020-1210

CVE-2020-1576

CVE-2020-1595