Lucene search

[email protected]NVD:CVE-2022-31481

HistoryJun 06, 2022 - 5:15 p.m.

CVE-2022-31481

2022-06-0617:15:11

CWE-120

[email protected]

web.nvd.nist.gov

unauthenticated access

buffer overflow

firmware versions

code execution manipulation

communication monitoring

relay manipulation

configuration files

device stability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

EPSS

0.003

Percentile

66.0%

JSON

An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP series and 1.296 for the EP series. The overflowed data can allow the attacker to manipulate the “normal” code execution to that of their choosing. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or cause the device to become unstable.

Affected configurations

Nvd

Node

hidgloballp1501_firmwareRange<1.302

AND

hidgloballp1501Match-

Node

hidgloballp1502_firmwareRange<1.302

AND

hidgloballp1502Match-

Node

hidgloballp2500_firmwareRange<1.302

AND

hidgloballp2500Match-

Node

hidgloballp4502_firmwareRange<1.302

AND

hidgloballp4502Match-

Node

hidglobalep4502_firmwareRange<1.296

AND

hidglobalep4502Match-

Node

carrierlenels2_lnl-4420_firmwareRange<1.296

AND

carrierlenels2_lnl-4420Match-

Node

carrierlenels2_lnl-x2210_firmwareRange<1.302

AND

carrierlenels2_lnl-x2210Match-

Node

carrierlenels2_lnl-x2220_firmwareRange<1.302

AND

carrierlenels2_lnl-x2220Match-

Node

carrierlenels2_lnl-x3300_firmwareRange<1.302

AND

carrierlenels2_lnl-x3300Match-

Node

carrierlenels2_lnl-x4420_firmwareRange<1.302

AND

carrierlenels2_lnl-x4420Match-

Node

carrierlenels2_s2-lp-1501_firmwareRange<1.302

AND

carrierlenels2_s2-lp-1501Match-

Node

carrierlenels2_s2-lp-1502_firmwareRange<1.302

AND

carrierlenels2_s2-lp-1502Match-

Node

carrierlenels2_s2-lp-2500_firmwareRange<1.302

AND

carrierlenels2_s2-lp-2500Match-

Node

carrierlenels2_s2-lp-4502_firmwareRange<1.302

AND

carrierlenels2_s2-lp-4502Match-

VendorProductVersionCPE
hidgloballp1501_firmware*cpe:2.3:o:hidglobal:lp1501_firmware:*:*:*:*:*:*:*:*
hidgloballp1501-cpe:2.3:h:hidglobal:lp1501:-:*:*:*:*:*:*:*
hidgloballp1502_firmware*cpe:2.3:o:hidglobal:lp1502_firmware:*:*:*:*:*:*:*:*
hidgloballp1502-cpe:2.3:h:hidglobal:lp1502:-:*:*:*:*:*:*:*
hidgloballp2500_firmware*cpe:2.3:o:hidglobal:lp2500_firmware:*:*:*:*:*:*:*:*
hidgloballp2500-cpe:2.3:h:hidglobal:lp2500:-:*:*:*:*:*:*:*
hidgloballp4502_firmware*cpe:2.3:o:hidglobal:lp4502_firmware:*:*:*:*:*:*:*:*
hidgloballp4502-cpe:2.3:h:hidglobal:lp4502:-:*:*:*:*:*:*:*
hidglobalep4502_firmware*cpe:2.3:o:hidglobal:ep4502_firmware:*:*:*:*:*:*:*:*
hidglobalep4502-cpe:2.3:h:hidglobal:ep4502:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hidglobal	lp1501_firmware	*	cpe:2.3:o:hidglobal:lp1501_firmware::::::::
hidglobal	lp1501	-	cpe:2.3:h:hidglobal:lp1501:-:::::::*
hidglobal	lp1502_firmware	*	cpe:2.3:o:hidglobal:lp1502_firmware::::::::
hidglobal	lp1502	-	cpe:2.3:h:hidglobal:lp1502:-:::::::*
hidglobal	lp2500_firmware	*	cpe:2.3:o:hidglobal:lp2500_firmware::::::::
hidglobal	lp2500	-	cpe:2.3:h:hidglobal:lp2500:-:::::::*
hidglobal	lp4502_firmware	*	cpe:2.3:o:hidglobal:lp4502_firmware::::::::
hidglobal	lp4502	-	cpe:2.3:h:hidglobal:lp4502:-:::::::*
hidglobal	ep4502_firmware	*	cpe:2.3:o:hidglobal:ep4502_firmware::::::::
hidglobal	ep4502	-	cpe:2.3:h:hidglobal:ep4502:-:::::::*