CVE-2022-4964

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 24, 2024
Updated: Jan 30, 2024
CWE ID 276

Summary

CVE-2022-4964 is a vulnerability affecting Ubuntu's pipewire-pulse package in snap packages. It allows microphone access, even when the snap interface for audio-record is not set. An attacker could potentially use this issue to gain unauthorized access to audio data, posing a privacy risk to users. The vulnerability exists due to improper access control checks in pipewire-pulse, making it important for Ubuntu users to update their packages as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share