Yandex Browser for Windows Local Privilege Escalation Vulnerability

Yandex Browser for Windows Local Privilege Escalation Vulnerability

CVE-2022-28226 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.

Learn more about our Web Application Penetration Testing UK.