Vulnerabilities > Usbview Project

DATE CVE VULNERABILITY TITLE RISK
2022-01-21 CVE-2022-23220 Missing Authentication for Critical Function vulnerability in Usbview Project Usbview
USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement.
local
low complexity
usbview-project CWE-306
7.8