Rewterz Threat Alert – FormBook Malware – Active IOCs
March 8, 2022Rewterz Threat Alert – Kimsuky APT Group – Active IOCs
March 8, 2022Rewterz Threat Alert – FormBook Malware – Active IOCs
March 8, 2022Rewterz Threat Alert – Kimsuky APT Group – Active IOCs
March 8, 2022Severity
High
Analysis Summary
CVE-2022-26488
Python could allow a local authenticated attacker to gain elevated privileges on the system, caused by an issue with the search path is inadequately secured. By sending a specially-crafted request to add user-writable directories to the system search path, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-26488
Affected Vendors
Python
Affected Products
- Python 3.7.12
- Python 3.8.12
- Python 3.9.10
- Python 3.10.2
Remediation
Upgrade to the latest version of Python, available from the Python Web site.