CVE-2022-24562
IOTransfer Arbitrary File Read Write Vulnerability.
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
An unauthenticated attacker can exploit a vulnerability in IOBit IOTransfer to gain arbitrary read and write access to the entire file system on a victim's endpoint. This could potentially lead to data theft and remote code execution, impacting data confidentiality and integrity if the vulnerable service is reachable.