CVE-2022-27438

high-risk

Published 2022-06-06

Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.

Do I need to act?

12.3% chance of exploitation in next 30 days

EPSS score — higher than 88% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.1/10 High

NETWORK / HIGH complexity

Affected Products (20)

Advanced Installer

Call Flow Designer

Crm Template Generator

Boomtv Streamer Portal

Direct Folders

Teracopy

Emeditor

Flamory

Free Snipping Tool

Fxsound

Better Explorer

Gamecaster

Mailbird

Guzogo

Honeygain

Vi Package Manager

Take Command

Archive Password Recovery

Asterisks Password Decryptor

Burning Suite

Affected Vendors

3Cx Synaptics Getmailbird Prusa3D Krylack Caphyon Boom Codesector Emeditor Flamory Freesnippingtool Fxsound Gainedge Gamecaster Guzogo Honeygain Jki Jpsoft Moonsoftware Nefarius Plagiarismcheckerx Realdefense Rovio Urban-Vpn Vigem Vpnhood Vrdesktop Xsplit Rstinstruments

References (8)

Product http://advanced.com

Product http://caphyon.com

Exploit https://gerr.re/posts/cve-2022-27438/

Patch https://www.advancedinstaller.com/security-updates-auto-updater.html

Product http://advanced.com

Product http://caphyon.com

Exploit https://gerr.re/posts/cve-2022-27438/

Patch https://www.advancedinstaller.com/security-updates-auto-updater.html

/ 100

high-risk

Severity 24/34 · High

Exploitability 12/34 · Low

Exposure 28/34 · Critical