Crestron Airmedia 4.3.1.39 for Windows
Approved changes feed: RSS · Atom
cpe:2.3:a:crestron:airmedia:4.3.1.39:*:*:*:*:windows:*:*
part: a version: 4.3.1.39 update: *
| Vendor | Crestron (c3f889c7-b88c-556e-9a5e-f70525099cf1) |
|---|---|
| Product | Airmedia (048bcc73-c377-5155-8782-6a1df6ca12ec) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | windows |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-40298 |
vulnerable | 2026-06-03 14:48:01.073369 |
Details available
Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level shell.
Published: 2022-09-22T23:30:16.000Z
Updated: 2025-05-27T15:23:18.955Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-34102 |
vulnerable | 2026-06-03 14:47:29.014565 |
Details available
Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt.
Published: 2022-09-13T21:42:19.000Z
Updated: 2024-08-03T08:16:16.877Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-34101 |
vulnerable | 2026-06-03 14:47:29.014263 |
Details available
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.
Published: 2022-09-13T21:47:01.000Z
Updated: 2024-08-03T08:16:16.512Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-34100 |
vulnerable | 2026-06-03 14:47:29.013888 |
Details available
A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file structure during a repair operation.
Published: 2022-09-13T18:11:22.000Z
Updated: 2024-08-03T08:16:16.644Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.