Anonymous ID: 9ff904 July 6, 2022, 9:27 a.m. No.16643030   🗄️.is 🔗kun

Will anyone actually care?

 

A highly anticipated report issued Friday by the Cybersecurity and Infrastructure Agency, also known as CISA, is providing official documentation of the major security flaws posed by Dominion Voting Systems Machines. It comes nearly two years after the 2020 presidential election, which the agency had called the “most secure election in history.”

 

The security vulnerabilities are listed below:

 

The tested version of ImageCast X does not validate application signatures to a trusted root certificate.

The tested version of ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device.

The tested version of ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code.

The tested version of ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code.

The tested version of ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. An attacker could leverage this vulnerability to spread malicious code to ImageCast X devices from the EMS.

Applications on the tested version of ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code.

The authentication mechanism used by technicians on the tested version of ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administrative privileges on a device and install malicious code or perform arbitrary administrative actions.

The authentication mechanism used by poll workers to administer voting using the tested version of ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment.

The authentication mechanism used by voters to activate a voting session on the tested version of ImageCast X is susceptible to forgery. An attacker could leverage this vulnerability to print an arbitrary number of ballots without authorization.

 

CISA recommended the following recommendations as ‘mitigation’ measures:

https://trendingpolitics.com/highly-anticipated-cisa-report-on-dominion-voting-machines-proves-most-secure-election-in-history-was-a-lie-knab/?utm_source=ElWiz