Vulnerability: Local Privilege Escalation via Incorrect Comparison in Search Engine Service

Vulnerability: Local Privilege Escalation via Incorrect Comparison in Search Engine Service

CVE-2022-20072 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118.

Learn more about our User Device Pen Test.