HoneywellCVELIST:CVE-2022-46361CVE-2022-46361 Physical access to the WDM enables use of USB device to gain access to the WDM
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
23.2%
An attacker having physical access to WDM can plug USB device to gain access and execute unwanted commands. A malicious user could enter a system command along with a backup configuration, which could result in the execution of unwanted commands.Β This issue affects OneWireless all versions up to 322.1 and fixed in version 322.2.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "OneWireless",
"vendor": "Honeywell",
"versions": [
{
"lessThan": "322.2",
"status": "affected",
"version": "322.1",
"versionType": "patch 322.2"
}
]
}
]References
Related
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
23.2%