CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43703 – Incomplete verification of installation file signature
https://notcve.org/view.php?id=CVE-2022-43703
27 Jul 2023 — An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files. • https://developer.arm.com/documentation/ka005596/latest • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-43702 – Incomplete verification of installation file signature
https://notcve.org/view.php?id=CVE-2022-43702
27 Jul 2023 — When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code. • https://developer.arm.com/documentation/ka005596/latest • CWE-276: Incorrect Default Permissions CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-43701 – Insecure directory permissions on installer files
https://notcve.org/view.php?id=CVE-2022-43701
27 Jul 2023 — When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code. • https://developer.arm.com/documentation/ka005596/latest • CWE-276: Incorrect Default Permissions •