CVE-2022-26488 — Untrusted Search Path in Python

CWE-426 — Untrusted Search Path4 documents4 sources

Severity

7.0HIGHNVD

EPSS

1.6%

top 18.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Python Debian Python2.7 Debian Python3.9

Timeline

PublishedMar 10

Latest updateOct 4

Description

In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python…

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages3 packages

▶NVDpython/python3.8.0 — 3.8.12+4

▶debiandebian/python2.7

▶debiandebian/python3.9

🔴Vulnerability Details

GHSA

GHSA-3f7p-x3g9-9grh: In Python before 3↗2022-03-11

▶

📋Vendor Advisories

Red Hat

python: local privilege escalation via search path in Windows↗2024-10-04

▶

Debian

CVE-2022-26488: python2.7 - In Python before 3.10.3 on Windows, local users can gain privileges because the ...↗2022

▶