Mint WorkBench Link Following Local Privilege Escalation Vulnerability
CVE-2022-26057

6.7MEDIUM

Key Information:

Vendor: Abb
Status: Mint Workbench
Vendor: CVE Published:; 15 June 2022

What is CVE-2022-26057?

Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Mint WorkBench installer file allows a low-privileged user to run a "repair" operation on the product

Affected Version(s)

Mint WorkBench build <= 5866

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 15, 2022
Vulnerability Reserved
Feb 28, 2022

Credit

This vulnerability was discovered by Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative. ABB appreciates their actions to keep our products safe for our customers.

Abb

What is CVE-2022-26057?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit