How severe is CVE-2022-35868?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2022-35868?

This is classified as CWE-426, which is a common weakness in software security.

CVE-2022-35868 - HIGH Severity | CVSS 7.3

Vulnerability Description

A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6). Affected applications contain an untrusted search path vulnerability that could allow an attacker to escalate privileges, when tricking a legitimate user to start the service from an attacker controlled path.

Related Vulnerabilities

CVE-2016-0018

HIGH

CVSS:7.3(High)

Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka ...

CWE-4262016

CVE-2016-10009

HIGH

CVSS:7.3(High)

Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-so...

CWE-4262016

CVE-2016-1014

HIGH

CVSS:7.3(High)

Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain priv...

CWE-4262016

CVE-2017-11657

HIGH

CVSS:7.3(High)

Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.

CWE-4262017

CVE-2017-2157

HIGH

CVSS:7.3(High)

Untrusted search path vulnerability in installers for The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.1 and earlier, The Public Certification...

CWE-4262017

CVE-2017-6189

HIGH

CVSS:7.3(High)

Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working dir...

CWE-4262017