Rewterz Threat Advisory – CVE-2022-22394 – IBM Spectrum Protect Vulnerability
March 22, 2022Rewterz Threat Alert – Lazarus APT Group – IOCs
March 22, 2022Rewterz Threat Advisory – CVE-2022-22394 – IBM Spectrum Protect Vulnerability
March 22, 2022Rewterz Threat Alert – Lazarus APT Group – IOCs
March 22, 2022Severity
High
Analysis Summary
CVE-2022-23812
Node.js node-ipc module could allow a remote attacker to execute arbitrary code on the system, caused by the containment of malicious package. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-23812
Affected Vendors
- Node.js
Affected Products
- Node.js node-ipc 10.1.1
- Node.js node-ipc 10.1.2
Remediation
Upgrade to the latest version of node-ipc, available from the node-ipc GIT Repository.