CVE-2022-43703

HIGH

ARM Development Studio 5.0.0-5.29.3 - Uncontrolled Search Path Element

Title source: llm

Description

An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.

References (2)

Core 2

Core References

Vendor Advisory

https://developer.arm.com/documentation/ka005596/latest

Vendor Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html

Scores

CVSS v3 7.8

EPSS 0.0006

EPSS Percentile 18.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-427

Status published

Products (2)

arm/arm_development_studio

arm/ds_development_studio 5.0.0 - 5.29.3

Published Jul 27, 2023

Tracked Since Feb 18, 2026