CVE-2022-1523

CRITICAL Year: 2022
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-123
View all →

Vulnerability Description

Fuji Electric D300win prior to version 3.7.1.17 is vulnerable to a write-what-where condition, which could allow an attacker to overwrite program memory to manipulate the flow of information.

Related Vulnerabilities

CVE-2018-3971

CRITICAL
CVSS:9.3(Critical)

An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data ...

CWE-1232018

CVE-2021-42540

HIGH
CVSS:8.8(High)

The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.

CWE-1232021

CVE-2022-37904

HIGH
CVSS:8.8(High)

Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achie...

CWE-1232022

CVE-2022-41757

HIGH
CVSS:8.8(High)

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already fre...

CWE-1232022

CVE-2020-7560

HIGH
CVSS:8.6(High)

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a c...

CWE-1232020

CVE-2014-5435

CRITICAL
CVSS:9.8(Critical)

An arbitrary memory write vulnerability exists in the dual_onsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote...

CWE-1232014