admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-26xx/CVE-2022-2641.json
cad-safe-bot 5fc0b01395 Auto-Update: 2024-12-15T03:00:19.262894+00:00
2024-12-15 03:03:56 +00:00

123 lines
3.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-2641",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-12-02T20:15:13.513",
"lastModified": "2024-11-21T07:01:25.577",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Horner Automation\u2019s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow an attacker to perform unauthorized changes to the device, remotely execute arbitrary code, or cause a denial-of-service condition."
},
{
"lang": "es",
"value": "El RCC 972 de Horner Automation con la versi\u00f3n de firmware 15.40 tiene una clave de cifrado est\u00e1tica en el dispositivo. Esto podr\u00eda permitir que un atacante realice cambios no autorizados en el dispositivo, ejecute c\u00f3digo arbitrario de forma remota o provoque una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hornerautomation:rcc972_firmware:15.40:*:*:*:*:*:*:*",
"matchCriteriaId": "ED633A76-0083-4FCB-8FF3-D0AF4CC58768"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hornerautomation:rcc972:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF8A08F-B51C-419A-A74D-02F636C19DA9"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink