QwikSec

Security Database

CVE

CWE

Training

CVE-2022-27438

Published: Jun 6, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://advanced.com

x_refsource_MISC

http://caphyon.com

x_refsource_MISC

https://gerr.re/posts/cve-2022-27438/

x_refsource_MISC

https://www.advancedinstaller.com/security-updates-auto-updater.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.