exploitDog

CVE-2022-2642

Опубликовано: 02 дек. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.

Ссылки

https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02
Patch
Third Party Advisory
US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02
Patch
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:hornerautomation:rcc972_firmware:15.40:*:*:*:*:*:*:*

cpe:2.3:h:hornerautomation:rcc972:-:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00202

Низкий

7.5 High

CVSS3

Дефекты

CWE-1108

Связанные уязвимости

GHSA-vxfj-h2jv-2pgr

CVSS3: 7.5

github

больше 2 лет назад

Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.

EPSS

Процентиль: 42%

0.00202

Низкий

7.5 High

CVSS3

Дефекты

CWE-1108