Back to search
CVE-2022-34866
Published: Jul 20, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 contain an insufficient data verification vulnerability for interprocess communication. By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where the product is running.
| Vendor | Product | Versions |
|---|---|---|
Yokogawa Rental & Lease Corporation | Passage Drive | affected Passage Drive versions v1.4.0 to v1.5.1.0 and Passage Drive for Box version v1.0.0 |
References
https://www.yrl.com/fwp_support/info/a1hrbt0000002037.html
x_refsource_MISC
https://jvn.jp/en/jp/JVN23766146/index.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now