CVE-2022-43702 – Incomplete verification of installation file signature
https://notcve.org/view.php?id=CVE-2022-43702
When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code. • https://developer.arm.com/documentation/ka005596/latest https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html • CWE-276: Incorrect Default Permissions CWE-284: Improper Access Control •
CVE-2022-43701 – Insecure directory permissions on installer files
https://notcve.org/view.php?id=CVE-2022-43701
When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code. • https://developer.arm.com/documentation/ka005596/latest https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html • CWE-276: Incorrect Default Permissions •