๐Ÿ” CVE Alert

CVE-2022-40978

HIGH 7.5
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th

The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking

CWE CWE-427
Vendor jetbrains
Product intellij idea
Published Sep 19, 2022
Last Updated Aug 3, 2024
Stay Ahead of the Next One

Get instant alerts for jetbrains intellij idea

Be the first to know when new high vulnerabilities affecting jetbrains intellij idea are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

JetBrains / IntelliJ IDEA
2022.2.2 < 2022.2.2

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
jetbrains.com: https://www.jetbrains.com/privacy-security/issues-fixed/

Credits

Dmitry Zemlyakov