Improper Protection of Alternate Path
CVE-2022-24932
Summary
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard.
- HIGH
- PHYSICAL
- HIGH
- UNCHANGED
- NONE
- NONE
- NONE
- NONE
CWE-424 - Improper Protection of Alternate Path
The product does not sufficiently protect all possible paths that a user can take to access restricted functionality or resources.
References
Advisory Timeline
- Published