Missing Permission Check in UscAIEngine Service Allows Unauthorized Setup

Missing Permission Check in UscAIEngine Service Allows Unauthorized Setup

CVE-2022-42776 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In UscAIEngine service, there is a missing permission check. This could lead to set up UscAIEngine service with no additional execution privileges needed.

Learn more about our Web Application Penetration Testing UK.