Vulnerabilities > CVE-2022-37172 - Unspecified vulnerability in Msys2 20220603

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
msys2

Summary

Incorrect access control in the install directory (C:\msys64) of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

Vulnerable Configurations

Part Description Count
Application
Msys2
2