In the advisory below, DHS/CISA warn of nine key vulnerabilities to the machines manufactured by Dominion Voting Systems, but say they have "no evidence that these vulnerabilities have been exploited."
While this advisory was leaked to the media yesterday, AlertsUSA chose to wait for the actual document to be released.
ICS Advisory (ICSA-22-154-01)
Vulnerabilities Affecting Dominion Voting Systems ImageCast XSUMMARYThis advisory identifies vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot. The ImageCast X can be configured to allow a voter to produce a paper record or to record votes electronically. While these vulnerabilities present risks that should be mitigated as soon as possible, CISA has no evidence that these vulnerabilities have been exploited in any elections.
Exploitation of these vulnerabilities would require physical access to individual ImageCast X devices, access to the Election Management System (EMS), or the ability to modify files before they are uploaded to ImageCast X devices. Jurisdictions can prevent and/or detect the exploitation of these vulnerabilities by diligently applying the mitigations recommended in this advisory, including technical, physical, and operational controls that limit unauthorized access or manipulation of voting systems. Many of these mitigations are already typically standard practice in jurisdictions where these devices are in use and can be enhanced to further guard against exploitation of these vulnerabilities.
Read the full advisory published today:https://www.cisa.gov/uscert/ics/advisories/icsa-22-154-01
