3 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files. • https://developer.arm.com/documentation/ka005596/latest https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code. • https://developer.arm.com/documentation/ka005596/latest https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html • CWE-276: Incorrect Default Permissions CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0

When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code. • https://developer.arm.com/documentation/ka005596/latest https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html • CWE-276: Incorrect Default Permissions •