CISA Releases Report on Dominion Voting Systems; Software is Exploitable


The Vulnerabilities Affecting Dominion Voting Systems ImageCast X report shows that Dominion Voting Systems software could be leveraged by an attacker to gain elevated privileges and to install malicious code.

Vulnerabilities Affecting Dominion Voting Systems ImageCast X

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

1. SUMMARY

This advisory identifies vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot. The ImageCast X can be configured to allow a voter to produce a paper record or to record votes electronically. While these vulnerabilities present risks that should be mitigated as soon as possible, CISA has no evidence that these vulnerabilities have been exploited in any elections. 

Exploitation of these vulnerabilities would require physical access to individual ImageCast X devices, access to the Election Management System (EMS), or the ability to modify files before they are uploaded to ImageCast X devices. Jurisdictions can prevent and/or detect the exploitation of these vulnerabilities by diligently applying the mitigations recommended in this advisory, including technical, physical, and operational controls that limit unauthorized access or manipulation of voting systems. Many of these mitigations are already typically standard practice in jurisdictions where these devices are in use and can be enhanced to further guard against exploitation of these vulnerabilities.

2. TECHNICAL DETAILS

2.1 AFFECTED PRODUCTS

The following versions of the Dominion Voting Systems ImageCast X software are known to be affected (other versions were not able to be tested):

  • ImageCast X firmware based on Android 5.1, as used in Dominion Democracy Suite Voting System Version 5.5-A
  • ImageCast X application Versions 5.5.10.30 and 5.5.10.32, as used in Dominion Democracy Suite Voting System Version 5.5-A
    • NOTE: After following the vendor's procedure to upgrade the ImageCast X from Version 5.5.10.30 to 5.5.10.32, or after performing other Android administrative actions, the ImageCast X may be left in a configuration that could allow an attacker who can attach an external input device to escalate privileges and/or install malicious code. Instructions to check for and mitigate this condition are available from Dominion Voting Systems.

Any jurisdictions running ImageCast X are encouraged to contact Dominion Voting Systems to understand the vulnerability status of their specific implementation. 

2.2 VULNERABILITY OVERVIEW

NOTE: Mitigations to reduce the risk of exploitation of these vulnerabilities can be found in Section 3 of this document.

2.2.1    IMPROPER VERIFICATION OF CRYPTOGRAPHIC SIGNATURE CWE-347

The tested version of ImageCast X does not validate application signatures to a trusted root certificate. Use of a trusted root certificate ensures software installed on a device is traceable to, or verifiable against, a cryptographic key provided by the manufacturer to detect tampering. An attacker could leverage this vulnerability to install malicious code, which could also be spread to other vulnerable ImageCast X devices via removable media. 

CVE-2022-1739 has been assigned to this vulnerability. 

2.2.2    MUTABLE ATTESTATION OR MEASUREMENT REPORTING DATA CWE-1283

The tested version of ImageCast X's on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device.

CVE-2022-1740 has been assigned to this vulnerability. 
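Why self-attestation fails, as an added illustration (not Dominion's code, and not the ImageCast X package format): the hash a device shows about itself is only as trustworthy as the data it is read from. If that data travels inside the same mutable package as the application, an attacker who can swap the application can also write whatever hash value the auditor expects to see. The independent check below recomputes the digest from the bytes actually present and compares it with a reference obtained outside the device, which is the spirit of the "supplemental method" the mitigations in Section 3 refer to. The archive layout, the MANIFEST.txt name and the sample payloads are constructed assumptions.

```python
import hashlib
import hmac
import io
import zipfile

# Constructed sample inputs. Nothing here is the ImageCast X package format;
# the archive layout and the MANIFEST.txt name are assumptions for illustration.
GENUINE = b"genuine application bytes (constructed sample)"
MALICIOUS = b"malicious application bytes (constructed sample)"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# In practice this value comes from outside the device: a vendor-published
# hash handled under chain of custody, never something read off the device.
TRUSTED_REFERENCE = sha256_hex(GENUINE)


def build_package(payload: bytes, manifest_hash: str) -> bytes:
    """Builds a toy package: the application blob plus a manifest that
    carries a hash the device will later display on screen."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("app.bin", payload)
        zf.writestr("MANIFEST.txt", f"sha256={manifest_hash}\n")
    return buf.getvalue()


def device_displayed_hash(package: bytes) -> str:
    """Self-attestation (CWE-1283): the 'hash' shown to an auditor is read
    from a manifest that travels inside the same mutable package, so whoever
    can alter app.bin can alter this line too."""
    with zipfile.ZipFile(io.BytesIO(package)) as zf:
        line = zf.read("MANIFEST.txt").decode().strip()
    return line.split("=", 1)[1]


def independent_check(package: bytes, trusted_reference: str) -> bool:
    """Independent measurement: recompute the digest over the bytes actually
    present and compare against the out-of-band reference. The package's
    own claims about itself are ignored."""
    with zipfile.ZipFile(io.BytesIO(package)) as zf:
        actual = sha256_hex(zf.read("app.bin"))
    return hmac.compare_digest(actual, trusted_reference)


def genuine_package() -> bytes:
    return build_package(GENUINE, TRUSTED_REFERENCE)


def tampered_package() -> bytes:
    # The attacker swaps the payload but writes the *expected* hash into the
    # manifest, so the on-screen value still matches what the auditor expects.
    return build_package(MALICIOUS, TRUSTED_REFERENCE)


def evaluate(package: bytes) -> dict:
    """Reports what each method says about a given package."""
    return {
        "self_attested_matches": device_displayed_hash(package) == TRUSTED_REFERENCE,
        "independent_matches": independent_check(package, TRUSTED_REFERENCE),
    }


if __name__ == "__main__":
    print("genuine :", evaluate(genuine_package()))
    print("tampered:", evaluate(tampered_package()))
```

For the tampered package the displayed hash still "matches", because the attacker controls the manifest; only the independent recomputation catches the swap. The same reasoning applies to audit log and application exports produced by the device: an export that vouches for itself proves nothing about a compromised device, and the reference value and the measuring tool must both come from outside it.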

2.2.3    HIDDEN FUNCTIONALITY CWE-912

The tested version of ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious code.

CVE-2022-1741 has been assigned to this vulnerability. 

2.2.4    IMPROPER PROTECTION OF ALTERNATE PATH CWE-424

The tested version of ImageCast X allows for rebooting into Android Safe Mode, which allows an attacker to directly access the operating system. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code.

CVE-2022-1742 has been assigned to this vulnerability. 

2.2.5    PATH TRAVERSAL: ‘../FILEDIR’ CWE-24

The tested version of ImageCast X can be manipulated to cause arbitrary code execution by specially crafted election definition files. An attacker could leverage this vulnerability to spread malicious code to ImageCast X devices from the EMS. 

CVE-2022-1743 has been assigned to this vulnerability. 
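The path traversal class above, as an added illustration that is not Dominion's code and does not reproduce the real ImageCast X election definition format: a hypothetical loader that unpacks a definition archive into a device directory, first in the vulnerable form that joins entry names onto the destination as-is, then in a hardened form that rejects any entry whose resolved path leaves the destination. The archive layout, the file names and the `startup/hook.sh` target are constructed for the demonstration.

```python
import io
import tempfile
import zipfile
from pathlib import Path

# Constructed sample: an "election definition" packaged as a zip archive.
# The archive layout, file names and the 'startup/hook.sh' target are
# assumptions for illustration, not the ImageCast X format.


def build_definition(entries: dict) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def unsafe_load(archive: bytes, dest: Path) -> list:
    """Vulnerable pattern (CWE-24): the entry name is joined onto the
    destination as-is, so '../' components walk out of it."""
    written = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            target = dest / info.filename
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(zf.read(info))
            written.append(target.resolve())
    return written


def safe_load(archive: bytes, dest: Path) -> list:
    """Hardened loader: reject absolute names, drive/colon components and
    any '..' segment up front, then confirm the resolved target is strictly
    inside dest before writing a byte. Rejection is all-or-nothing: the
    archive is scanned in full before anything is written."""
    dest = dest.resolve()
    plan = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            name = info.filename
            parts = Path(name).parts
            if (name.startswith(("/", "\\")) or Path(name).is_absolute()
                    or ".." in parts or any(":" in p for p in parts)):
                raise ValueError(f"rejected entry: {name!r}")
            target = (dest / name).resolve()
            if dest not in target.parents:
                raise ValueError(f"entry escapes destination: {name!r}")
            if not info.is_dir():
                plan.append((target, zf.read(info)))
    for target, data in plan:
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)
    return [t for t, _ in plan]


def demo() -> dict:
    """Runs both loaders against a clean and a hostile definition inside a
    throwaway directory and reports what happened."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve()
        dest = root / "device" / "elections"
        dest.mkdir(parents=True)

        clean = build_definition({"election.json": b'{"contests": []}'})
        hostile = build_definition({
            "election.json": b'{"contests": []}',
            "../../startup/hook.sh": b"#!/bin/sh\n# attacker payload (constructed)\n",
        })

        safe_loaded = safe_load(clean, dest)

        escaped = [p for p in unsafe_load(hostile, dest) if dest not in p.parents]

        try:
            safe_load(hostile, dest)
            safe_rejected = False
        except ValueError:
            safe_rejected = True

        return {
            "safe_loaded": len(safe_loaded),
            "unsafe_wrote_outside": bool(escaped),
            "escaped_to": escaped[0].relative_to(root).as_posix() if escaped else None,
            "safe_rejected": safe_rejected,
        }


if __name__ == "__main__":
    print(demo())
```

Python's own `ZipFile.extract()` already strips `..` segments from member names, which is why the vulnerable version joins paths by hand; the point is the general check, not the library. Validate the resolved target against the destination after every component has been applied, rather than trying to normalize suspicious names into safe ones, and treat a single bad entry as grounds to reject the whole definition, since a loader that has already written half an archive before it notices the escape has already lost.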

2.2.6    EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250

Applications on the tested version of ImageCast X can execute code with elevated privileges by exploiting a system level service. An attacker could leverage this vulnerability to escalate privileges on a device and/or install malicious code.

CVE-2022-1744 has been assigned to this vulnerability. 

2.2.7    AUTHENTICATION BYPASS BY SPOOFING CWE-290

The authentication mechanism used by technicians on the tested version of ImageCast X is susceptible to forgery. An attacker with physical access may use this to gain administrative privileges on a device and install malicious code or perform arbitrary administrative actions.

CVE-2022-1745 has been assigned to this vulnerability. 

2.2.8    INCORRECT PRIVILEGE ASSIGNMENT CWE-266

The authentication mechanism used by poll workers to administer voting using the tested version of ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and perform privileged actions, potentially affecting other election equipment.

CVE-2022-1746 has been assigned to this vulnerability. 

2.2.9    ORIGIN VALIDATION ERROR CWE-346

The authentication mechanism used by voters to activate a voting session on the tested version of ImageCast X is susceptible to forgery. An attacker could leverage this vulnerability to print an arbitrary number of ballots without authorization.

CVE-2022-1747 has been assigned to this vulnerability. 

2.3 BACKGROUND

  • CRITICAL INFRASTRUCTURE SECTORS Government Facilities / Election Infrastructure
  • COUNTRIES/AREAS DEPLOYED: Multiple
  • COMPANY HEADQUARTERS LOCATION: Denver, Colorado

2.4 RESEARCHER

J. Alex Halderman, University of Michigan, and Drew Springall, Auburn University, reported these vulnerabilities to CISA.

3. MITIGATIONS

CISA recommends election officials continue to take and further enhance defensive measures to reduce the risk of exploitation of these vulnerabilities. Specifically, for each election, election officials should: 

  • Contact Dominion Voting Systems to determine which software and/or firmware updates need to be applied. Dominion Voting Systems reports to CISA that the above vulnerabilities have been addressed in subsequent software versions.
  • Ensure all affected devices are physically protected before, during, and after voting.
  • Ensure compliance with chain of custody procedures throughout the election cycle. 
  • Ensure that ImageCast X and the Election Management System (EMS) are not connected to any external (i.e., Internet accessible) networks.
  • Ensure carefully selected protective and detective physical security measures (for example, locks and tamper-evident seals) are implemented on all affected devices, including on connected devices such as printers and connecting cables.
  • Close any background application windows on each ImageCast X device.
  • Use read-only media to update software or install files onto ImageCast X devices.
  • Use separate, unique passcodes for each poll worker card.
  • Ensure all ImageCast X devices are subjected to rigorous pre- and post-election testing.
  • Disable the "Unify Tabulator Security Keys" feature on the election management system and ensure new cryptographic keys are used for each election.
  • As recommended by Dominion Voting Systems, use the supplemental method to validate hashes on applications, audit log exports, and application exports.
  • Encourage voters to verify the human-readable votes on printout. 
  • Conduct rigorous post-election tabulation audits of the human-readable portions of physical ballots and paper records, to include reviewing ballot chain of custody and conducting voter/ballot reconciliation procedures. These activities are especially crucial to detect attacks where the listed vulnerabilities are exploited such that a barcode is manipulated to be tabulated inconsistently with the human-readable portion of the paper ballot. (NOTE: If states and jurisdictions so choose, the ImageCast X provides the configuration option to produce ballots that do not print barcodes for tabulation.)

Contact Information

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

For industrial control systems cybersecurity information:  https://us-cert.cisa.gov/ics 
or incident reporting:  https://us-cert.cisa.gov/report



The Thinking Conservative
https://www.thethinkingconservative.com/