CVE-2022-43703

HIGH

Installer - Path Traversal

Title source: llm

Description

An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.

References (2)

[Vendor Advisory] https://developer.arm.com/documentation/ka005596/latest

[Vendor Advisory] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html

Scores

CVSS v3 7.8

EPSS 0.0007

EPSS Percentile 20.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (2)

arm/arm_development_studio

arm/ds_development_studio < 5.29.3

Timeline

Published Jul 27, 2023

Tracked Since Feb 18, 2026