# CVE-2022-37706
The **CVE-2022-37706** vulnerability is related to the **Enlightenment** window manager, specifically the `enlightenment_sys` binary. This binary has the **SUID** (Set User ID) bit enabled, meaning it can be executed with elevated privileges (usually as the root user).
### Summary:
- **Vulnerability**: CVE-2022-37706 is a local privilege escalation vulnerability.
- **Component**: The `enlightenment_sys` binary in the Enlightenment window manager.
- **Issue**: An attacker can exploit improper input handling or insecure file path manipulations in this SUID binary. By crafting a malicious command or manipulating file paths, the attacker can execute arbitrary code as the root user.
- **Impact**: Successful exploitation grants the attacker a root shell, enabling full control over the system.
- **Risk**: This vulnerability is particularly dangerous on systems where the Enlightenment window manager is installed, as it allows local users to gain root access.
### Mitigation:
To protect against this vulnerability, users should update to a patched version of Enlightenment where the SUID permissions are properly managed, or remove the SUID bit from the vulnerable binary (`chmod u-s enlightenment_sys`).
This vulnerability highlights the risks of improper privilege management in setuid binaries.
[4.0K] /data/pocs/45d18d67802a8af4555da959fb919a1237383866
├── [1.3K] exploit.sh
└── [1.3K] README.md
0 directories, 2 files