CVE-2022-48506

Summary

CVE-2022-48506 is a vulnerability affecting Dominion Voting Systems' ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners. The issue arises from a flawed pseudorandom number generator, enabling attackers to discern the order in which ballots were cast using public data. This deanonymization of voted ballots poses a significant risk in various scenarios. The vulnerability has been reported in versions 5.2, 5.4-NM, 5.5, 5.5-A, 5.5-B, 5.5-C, 5.5-D, 5.7-A, 5.10, 5.10A, and 5.15 of the Democracy Suite. Notably, the Democracy Suite 5.17 EAC Certificate of Conformance mentions an improved pseudo random number algorithm, which might be relevant.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.