Lucene search
IcscertCVELIST:CVE-2022-2642HistoryDec 01, 2022 - 12:00 a.m.
CVE-2022-2642
2022-12-0100:00:00
CWE-1108
icscert
www.cve.org
2
horner automation
rcc 972
firmware
vulnerability
global variables
attacker
sensitive values
variable keys
device
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
50.5%
Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.
CNA Affected
[
{
"vendor": "Horner Automation",
"product": "Remote Compact Controller (RCC) 972",
"versions": [
{
"version": "Firmware Version 15.40",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2022-2642
2022-12-02 20:15:13
prion
prion
Design/Logic Flaw
2022-12-02 20:15:00
cve
cve
CVE-2022-2642
2022-12-02 20:15:13
ics
ics
Horner Automation Remote Compact Controller
2022-12-01 12:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
50.5%
Related for CVELIST:CVE-2022-2642