Please note: This website includes an accessibility system. Press Control-F11 to adjust the website to the visually impaired who are using a screen reader; Press Control-F10 to open an accessibility menu.

Glance by Mirametrix Vulnerability

Glance by Mirametrix Vulnerability

Glance by Mirametrix Vulnerability

Lenovo Security Advisory: LEN-78115

Potential Impact: Privilege escalation

Severity: High

Scope of Impact: Industry-wide

CVE Identifier: CVE-2022-24696

 

Summary Description:

Mirametrix reported a security vulnerability with Glance versions prior to 5.1.1.42207 (released on 2018-08-30) that could allow a local attacker to elevate privileges.

 

Mitigation Strategy for Customers (what you should do to protect yourself):

Mirametrix recommends users update to the most recent version available via the Microsoft Store by following the steps below.

Step 1: Uninstall Glance

  1. Go to the Windows menu and search for "Add or remove programs".
  2. Open this program and find Glance by Mirametrix® in the list of installed programs.
  3. Select uninstall and follow onscreen instructions.

Step 2: Install the latest version of Glance

  1. Go to the Glance page in the Microsoft App Store by clicking this link (the link will open the Microsoft Store Application directly).
  2. Select "Get" and follow on screen instructions.

 

Acknowledgement:

Lenovo thanks Oddvar Moe (@Oddvarmoe) of Trustedsec for reporting this issue.

 

References:

https://help.mirametrix.com/hc/en-us/articles/4424676598157

https://www.microsoft.com/en-us/p/glance-by-mirametrix/9mtvphtpwqxg

 

Revision History:

Revision Date Description
1 2022-03-08 Initial release

For a complete list of all Lenovo Product Security Advisories, click here.

For the most up to date information, please remain current with updates and advisories from Lenovo regarding your equipment and software. The information provided in this advisory is provided on an “as is” basis without any warranty or guarantee of any kind. Lenovo reserves the right to change or update this advisory at any time.


Alias Id:LEN-78115
Document ID:PS500474
Original Publish Date:03/07/2022
Last Modified Date:03/08/2022