Vulnerabilities > Dominionvoting
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-19 | CVE-2022-48506 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Dominionvoting Democracy Suite A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. | 2.4 |
| 2022-06-24 | CVE-2022-1739 | Improper Verification of Cryptographic Signature vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 The tested version of Dominion Voting Systems ImageCast X does not validate application signatures to a trusted root certificate. | 6.8 |
| 2022-06-24 | CVE-2022-1740 | Unspecified vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. low complexity dominionvoting | 4.6 |
| 2022-06-24 | CVE-2022-1741 | Unspecified vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code. low complexity dominionvoting | 6.8 |
| 2022-06-24 | CVE-2022-1742 | Improper Protection of Alternate Path vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 The tested version of Dominion Voting Systems ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. | 7.2 |
| 2022-06-24 | CVE-2022-1743 | Path Traversal: '../filedir' vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 The tested version of Dominion Voting System ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. | 7.2 |
| 2022-06-24 | CVE-2022-1744 | Execution with Unnecessary Privileges vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with elevated privileges by exploiting a system level service. | 7.2 |
| 2022-06-24 | CVE-2022-1745 | Authentication Bypass by Spoofing vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 The authentication mechanism used by technicians on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. | 7.2 |
| 2022-06-24 | CVE-2022-1746 | Incorrect Authorization vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. | 7.6 |
| 2022-06-24 | CVE-2022-1747 | Origin Validation Error vulnerability in Dominionvoting Imagecast X 5.5.10.30/5.5.10.32 The authentication mechanism used by voters to activate a voting session on the tested version of Dominion Voting Systems ImageCast X is susceptible to forgery. | 2.1 |