HIGH🇬🇧 English

CVE-2022-2642

CVSS 7.5v3.1pub. 2022-12-02upd. 2024-11-21

Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Hornerautomation Rcc972

    HW
    Hornerautomation
    wszystkie wersje
  • Hornerautomation Rcc972 Firmware

    OS
    Hornerautomation
    15.40
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-2641CRITICAL9.8ten sam produkt

Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could ...

CVE-2022-2640HIGH7.5ten sam produkt

The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryp...

CVE-2023-7206HIGH7.8ten sam vendor

In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerabil...

CVE-2023-28653HIGH7.8ten sam vendor

The affected application lacks proper validation of user-supplied data when parsing project f...

CVE-2023-27916HIGH7.8ten sam vendor

The affected application lacks proper validation of user-supplied data when parsing font files ...

CVE-2022-2642 — HIGH 7.5 | CVEbaza.pl