CVE-2022-48226 Information

Description

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation.

Reference

https://acuant.com https://hackandpwn.com/disclosures/CVE-2022-48226.pdf