CVE-2022-27438
First published: Mon Jun 06 2022(Updated: )
Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Caphyon Advanced Installer | <19.4 | |
| 3cx Call Flow Designer | =18.2.13 | |
| 3CX CRM Template Generator | =2.1.23 | |
| Boom Boomtv Streamer Portal | =2.2.1 | |
| Codesector Direct Folders | =4.0 | |
| TeraCopy | =3.8.5 | |
| VMware BOSH Editor | =21.3.0 | |
| Olacabs Olamoney | =4.2.19.0 | |
| Freesnippingtool Free Snipping Tool | =5.6.0.0 | |
| Fxsound | =1.1.12.0 | |
| Gainedge Better Explorer | =2020.3.15.1304 | |
| Hazelcast Jet | =4.0.2109.2802 | |
| Mailbird | =2.9.50.0 | |
| Guzogo Guzogo | =1.0.5.0 | |
| Honeygain | =0.10.7.0 | |
| Jki Vi Package Manager | =21.1.2754 | |
| Jpsoft Take Command | =28.2.18 | |
| Krylack Archive Password Recovery | =3.70.69 | |
| Krylack Asterisks Password Decryptor | =3.31.107 | |
| Krylack Burning Suite | =1.20.05 | |
| Krylack Rar Password Recovery | =3.70.69 | |
| Krylack Volume Serial Number Editor | =2.02.34 | |
| Krylack Zip Password Recovery | =3.70.69 | |
| Moonsoftware Password Agent | =20.10.1 | |
| Nefarius Scptoolkit | =1.6.238.16010 | |
| Plagiarism Checker X | =8.0.6 | |
| PrusaSlicer | =2.4.2 | |
| Realdefense Mycleanid | =4.1.4 | |
| MyCleanPC | =4.0.2 | |
| RealDefense MyPassLock | =1.9.6 | |
| Angry Birds Space | =1.4.1 | |
| Rovio Bad Piggies | =1.3.0 | |
| DisplayLink Graphics | <10.3.6400.0 | |
| Urban VPN | =2.2.5 | |
| Vigem Vigembus Driver | =1.16.116 | |
| Vpnhood | =2.4.299 | |
| Vrdesktop Virtual Desktop Streamer | =1.20.16 | |
| Xsplit Xsplit Express Video Editor | =3.0.2001.801 | |
| Rstinstruments Vw0420 Firmware | =1.33.0 | |
| Rstinstruments Vw0420 | ||
| RST Instruments Inclinalysis Digital Inclinometer | =2.48.9 | |
| Rstinstruments Ipi Utility | =1.05.0 | |
| Rstinstruments Rstar Rtu Host | =1.33.0 | |
| Rstinstruments Dt2011 Firmware | =1.19.4.0 | |
| Rstinstruments Dt2011 Firmware | ||
| Rstinstruments Dt2011b | =1.19.4.0 | |
| Rstinstruments Dt2011 Firmware | ||
| Rstinstruments Dt2040 Firmware | =1.19.4.0 | |
| Rstinstruments Dt2040 Firmware | ||
| Rstinstruments Dt2050b Firmware | =1.19.4.0 | |
| Rstinstruments Dt2050b | ||
| Rstinstruments Dt2050 Firmware | =1.19.4.0 | |
| Rstinstruments Dt2050b Firmware | ||
| Rstinstruments Dt2055b Firmware | =1.19.4.0 | |
| Rstinstruments Dt2055b Firmware | ||
| Rstinstruments Dt2306 Firmware | =1.19.4.0 | |
| Rstinstruments Dt2306 Firmware | ||
| RST Instruments DT2350 | =1.19.4.0 | |
| Rstinstruments Dt2350 Firmware | ||
| Rst Instruments Dt2485 | =1.19.4.0 | |
| Rstinstruments Dt2485 Firmware | ||
| Rstinstruments Dt4205 Firmware | =1.19.4.0 | |
| RST Instruments DT4205 | ||
| RST Instruments Dtsaa | =1.19.4.0 | |
| RST Instruments Dtsaa | ||
| Rstinstruments Ic6560 | =1.19.4.0 | |
| Rstinstruments Ic6560 Firmware | ||
| Rstinstruments Ic6660 Firmware | =1.19.4.0 | |
| Rstinstruments Ic6660 Firmware | ||
| Rstinstruments Dtl201b/2b Firmware | =1.19.4.0 | |
| Rstinstruments Dtl201b/2b | ||
| Rstinstruments Mtcm | =1.19.4.0 | |
| Rstinstruments Mtcm | ||
| Rstinstruments Gaa2820 | =1.19.4.0 | |
| Rstinstruments Gaa2820 | ||
| Rstinstruments Rtu Firmware | =1.19.4.0 | |
| Rstinstruments Rtu | ||
| Rstinstruments Mems Tilt Meter Firmware | =1.20.1 | |
| Rstinstruments Mems Tilt Meter Firmware | ||
| Rstinstruments Portable Tilt Meter Firmware | =1.20.1 | |
| Rstinstruments Portable Tilt Meter Firmware | ||
| Rstinstruments Vw2106 Firmware | ||
| Rstinstruments Vw2106 Firmware | ||
| Rstinstruments Th2016 | =1.4.0.2 | |
| Rstinstruments Th2016 | ||
| Rstinstruments Th2016b Firmware | =1.4.0.2 | |
| Rstinstruments Th2016b Firmware | ||
| Rstinstruments Ma7 Firmware | =1.4.0.2 | |
| Mikafon MA7 | ||
| Rstinstruments Qb120 Firmware | =1.4.0.2 | |
| Rstinstruments Qb120 Firmware | ||
| Rstinstruments Sg350 Firmware | =1.4.0.2 | |
| Rstinstruments Sg350 Firmware | ||
| Rstinstruments Ir420 Firmware | =1.4.0.2 | |
| Rstinstruments IR420 | ||
| Rstinstruments Lp100 Firmware | =1.4.0.2 | |
| Rstinstruments Lp100 Firmware | ||
| Rstinstruments C109 | =1.4.0.2 | |
| Rstinstruments C109 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-27438?
CVE-2022-27438 has been assigned a CVSS severity score that indicates it is a critical remote code execution vulnerability.
How do I fix CVE-2022-27438?
To mitigate CVE-2022-27438, users should upgrade to Advanced Installer version 19.4 or later.
What software is affected by CVE-2022-27438?
CVE-2022-27438 affects Caphyon Advanced Installer versions 19.3 and earlier, along with several other products using the Advanced Updater functionality.
What kind of vulnerability is CVE-2022-27438?
CVE-2022-27438 is a remote code execution vulnerability that allows potential attackers to execute arbitrary code on the affected systems.
How can CVE-2022-27438 be exploited?
Exploitation of CVE-2022-27438 requires a user to start the update check function within an affected application.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/caphyon
- canonical/caphyon advanced installer
- vendor/3cx
- canonical/3cx call flow designer
- version/3cx call flow designer/18.2.13
- canonical/3cx crm template generator
- version/3cx crm template generator/2.1.23
- vendor/boom
- canonical/boom boomtv streamer portal
- version/boom boomtv streamer portal/2.2.1
- vendor/codesector
- canonical/codesector direct folders
- version/codesector direct folders/4.0
- canonical/teracopy
- version/teracopy/3.8.5
- vendor/emeditor
- canonical/vmware bosh editor
- version/vmware bosh editor/21.3.0
- vendor/flamory
- canonical/olacabs olamoney
- version/olacabs olamoney/4.2.19.0
- vendor/freesnippingtool
- canonical/freesnippingtool free snipping tool
- version/freesnippingtool free snipping tool/5.6.0.0
- vendor/fxsound
- canonical/fxsound
- version/fxsound/1.1.12.0
- vendor/gainedge
- canonical/gainedge better explorer
- version/gainedge better explorer/2020.3.15.1304
- vendor/gamecaster
- canonical/hazelcast jet
- version/hazelcast jet/4.0.2109.2802
- vendor/getmailbird
- canonical/mailbird
- version/mailbird/2.9.50.0
- vendor/guzogo
- canonical/guzogo guzogo
- version/guzogo guzogo/1.0.5.0
- vendor/honeygain
- canonical/honeygain
- version/honeygain/0.10.7.0
- vendor/jki
- canonical/jki vi package manager
- version/jki vi package manager/21.1.2754
- vendor/jpsoft
- canonical/jpsoft take command
- version/jpsoft take command/28.2.18
- vendor/krylack
- canonical/krylack archive password recovery
- version/krylack archive password recovery/3.70.69
- canonical/krylack asterisks password decryptor
- version/krylack asterisks password decryptor/3.31.107
- canonical/krylack burning suite
- version/krylack burning suite/1.20.05
- canonical/krylack rar password recovery
- version/krylack rar password recovery/3.70.69
- canonical/krylack volume serial number editor
- version/krylack volume serial number editor/2.02.34
- canonical/krylack zip password recovery
- version/krylack zip password recovery/3.70.69
- vendor/moonsoftware
- canonical/moonsoftware password agent
- version/moonsoftware password agent/20.10.1
- vendor/nefarius
- canonical/nefarius scptoolkit
- version/nefarius scptoolkit/1.6.238.16010
- vendor/plagiarismcheckerx
- canonical/plagiarism checker x
- version/plagiarism checker x/8.0.6
- vendor/prusa3d
- canonical/prusaslicer
- version/prusaslicer/2.4.2
- vendor/realdefense
- canonical/realdefense mycleanid
- version/realdefense mycleanid/4.1.4
- canonical/mycleanpc
- version/mycleanpc/4.0.2
- canonical/realdefense mypasslock
- version/realdefense mypasslock/1.9.6
- vendor/rovio
- canonical/angry birds space
- version/angry birds space/1.4.1
- canonical/rovio bad piggies
- version/rovio bad piggies/1.3.0
- vendor/synaptics
- canonical/displaylink graphics
- vendor/urban-vpn
- canonical/urban vpn
- version/urban vpn/2.2.5
- vendor/vigem
- canonical/vigem vigembus driver
- version/vigem vigembus driver/1.16.116
- vendor/vpnhood
- canonical/vpnhood
- version/vpnhood/2.4.299
- vendor/vrdesktop
- canonical/vrdesktop virtual desktop streamer
- version/vrdesktop virtual desktop streamer/1.20.16
- vendor/xsplit
- canonical/xsplit xsplit express video editor
- version/xsplit xsplit express video editor/3.0.2001.801
- vendor/rstinstruments
- canonical/rstinstruments vw0420 firmware
- version/rstinstruments vw0420 firmware/1.33.0
- canonical/rstinstruments vw0420
- canonical/rst instruments inclinalysis digital inclinometer
- version/rst instruments inclinalysis digital inclinometer/2.48.9
- canonical/rstinstruments ipi utility
- version/rstinstruments ipi utility/1.05.0
- canonical/rstinstruments rstar rtu host
- version/rstinstruments rstar rtu host/1.33.0
- canonical/rstinstruments dt2011 firmware
- version/rstinstruments dt2011 firmware/1.19.4.0
- canonical/rstinstruments dt2011b
- version/rstinstruments dt2011b/1.19.4.0
- canonical/rstinstruments dt2040 firmware
- version/rstinstruments dt2040 firmware/1.19.4.0
- canonical/rstinstruments dt2050b firmware
- version/rstinstruments dt2050b firmware/1.19.4.0
- canonical/rstinstruments dt2050b
- canonical/rstinstruments dt2050 firmware
- version/rstinstruments dt2050 firmware/1.19.4.0
- canonical/rstinstruments dt2055b firmware
- version/rstinstruments dt2055b firmware/1.19.4.0
- canonical/rstinstruments dt2306 firmware
- version/rstinstruments dt2306 firmware/1.19.4.0
- canonical/rst instruments dt2350
- version/rst instruments dt2350/1.19.4.0
- canonical/rstinstruments dt2350 firmware
- canonical/rst instruments dt2485
- version/rst instruments dt2485/1.19.4.0
- canonical/rstinstruments dt2485 firmware
- canonical/rstinstruments dt4205 firmware
- version/rstinstruments dt4205 firmware/1.19.4.0
- canonical/rst instruments dt4205
- canonical/rst instruments dtsaa
- version/rst instruments dtsaa/1.19.4.0
- canonical/rstinstruments ic6560
- version/rstinstruments ic6560/1.19.4.0
- canonical/rstinstruments ic6560 firmware
- canonical/rstinstruments ic6660 firmware
- version/rstinstruments ic6660 firmware/1.19.4.0
- canonical/rstinstruments dtl201b/2b firmware
- version/rstinstruments dtl201b/2b firmware/1.19.4.0
- canonical/rstinstruments dtl201b/2b
- canonical/rstinstruments mtcm
- version/rstinstruments mtcm/1.19.4.0
- canonical/rstinstruments gaa2820
- version/rstinstruments gaa2820/1.19.4.0
- canonical/rstinstruments rtu firmware
- version/rstinstruments rtu firmware/1.19.4.0
- canonical/rstinstruments rtu
- canonical/rstinstruments mems tilt meter firmware
- version/rstinstruments mems tilt meter firmware/1.20.1
- canonical/rstinstruments portable tilt meter firmware
- version/rstinstruments portable tilt meter firmware/1.20.1
- canonical/rstinstruments vw2106 firmware
- canonical/rstinstruments th2016
- version/rstinstruments th2016/1.4.0.2
- canonical/rstinstruments th2016b firmware
- version/rstinstruments th2016b firmware/1.4.0.2
- canonical/rstinstruments ma7 firmware
- version/rstinstruments ma7 firmware/1.4.0.2
- canonical/mikafon ma7
- canonical/rstinstruments qb120 firmware
- version/rstinstruments qb120 firmware/1.4.0.2
- canonical/rstinstruments sg350 firmware
- version/rstinstruments sg350 firmware/1.4.0.2
- canonical/rstinstruments ir420 firmware
- version/rstinstruments ir420 firmware/1.4.0.2
- canonical/rstinstruments ir420
- canonical/rstinstruments lp100 firmware
- version/rstinstruments lp100 firmware/1.4.0.2
- canonical/rstinstruments c109
- version/rstinstruments c109/1.4.0.2
- canonical/rstinstruments c109 firmware