CVE-2022-48506
CVSS 3.1 Score 2.4 of 10 (low)
Details
Summary
CVE-2022-48506 is a vulnerability affecting Dominion Voting Systems' ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners. The flawed pseudorandom number generator in these systems enables an attacker to discern the order in which ballots were cast from publicly available ballot-level data. This deanonymization of voted ballots poses a significant risk to voter privacy in various scenarios. The affected versions of Democracy Suite include 5.2, 5.4-NM, 5.5, 5.5-A, 5.5-B, 5.5-C, 5.5-D, 5.7-A, 5.10, 5.10A, and 5.15. A mention of an improved pseudo random number algorithm in Democracy Suite 5.17 EAC Certificate of Conformance might suggest a potential resolution.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Democracy Suite
Affected Vendors
- Dominion Voting Systems Corporation