🇬🇧 Integration of Untrusted Software
🇬🇧 Integration of Untrusted Software CVE-2022-CTI-007
محتويات التنبيه:– جدول معلومات– المخاطر– الأنظمة المثأثرة– ملخص حول الثغرة– الحلول– المصادر |
معلومات :
المرجع | CVE-2022-CTI-007 |
العنوان | 🇬🇧 Integration of Untrusted Software |
تاريخ الاصدار الأول | 07 décembre 2022 |
تاريخ أخر تحديث | 07 décembre 2022 |
المصادر | |
المرفقات | Aucune(s) |
المخاطر:
الأنظمة المثأثرة:
ملخص الثغرة:
|
الحلول من هده الثغرة:
Regulatory frameworks of some countries may require companies operating in their territory to use specific software. While their integration does not usually present any technical concern, such software can be used by adversaries as an entry point to a computer network. The revelation in June 2020 of backdoor-like functionalities in certain versions of software required by Chinese regulations, as well as the NotPetya supply chain attack in 2017, illustrate the security issues posed by the integration of untrusted software. |