Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/27xxx/CVE-2022-27438.json",
"cna_assigner": "mitre"
}