Lucene search

MitreCVE-2022-26240

HistoryOct 06, 2022 - 6:15 p.m.

CVE-2022-26240

2022-10-0618:15:56

CWE-732

mitre

web.nvd.nist.gov

cve-2022-26240

beckman coulter remisol advance

normand message buffer

security vulnerability

data access

privilege escalation

nvd

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

28.4%

JSON

The default privileges for the running service Normand Message Buffer in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.

Affected configurations

Nvd

Node

beckmancoulterremisol_advanceRange≤2.0.12.1

AND

microsoftwindowsMatch-

VendorProductVersionCPE
beckmancoulterremisol_advance*cpe:2.3:a:beckmancoulter:remisol_advance:*:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
beckmancoulter	remisol_advance	*	cpe:2.3:a:beckmancoulter:remisol_advance::::::::
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*

References

pastebin.com/Bsy6KTxJ

www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance

Social References

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

28.4%

JSON

Related for CVE-2022-26240