CVE-2022-41339 - Privilege escalation in User Administration

Vulnerability details

Severity High
CVE ID CVE 2022-41339
Reported by Sahil Dhar
Affected build(s) Builds 10.1.2207.2 to 10.1.2209.1
Fixed version For builds 10.1.2207.4 and below, upgrade to 10.1.2207.5 and above
For builds 10.1.2208.1 to 10.1.2209.1 , upgrade to 10.1.2209.2 and above
Fixed on September 28, 2022


Issues occurring in the User Administration tab resulted in privilege escalation.


MDM supports various user roles for admins, technicians and Guest users. In this instance, an issue that took place in the User Administration module in MDM, caused a case of privilege escalation.

Steps to update

This issue has been resolved in the latest build for Mobile Device Manager Plus. We recommend that users upgrade to the latest build (10.1.2209.2), to avoid facing the above mentioned issue.

To clarify any doubts or queries, contact our support team.