CVE-2022-40298 – Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which le …

Vuln ID: CVE-2022-40298

Published:  2022-09-23  00:15:10Z

Description: Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level shell.

Source: NVD.NIST.GOV