Lucene search
HistorySep 13, 2022 - 3:15 p.m.
CVE-2022-38453
cms8000
binary application files
not stripped
debug_info
reverse engineering
vulnerabilities
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS
0
Percentile
10.4%
Multiple binary application files on the CMS8000 device are compiled with ‘not stripped’ and ‘debug_info’ compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities.
Affected configurations
Node
contechealthcms8000_firmwareMatch-
contechealthcms8000Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| contechealth | cms8000_firmware | - | cpe:2.3:o:contechealth:cms8000_firmware:-:*:*:*:*:*:*:* |
| contechealth | cms8000 | - | cpe:2.3:h:contechealth:cms8000:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-38453 Contec Health CMS8000
2022-09-13 14:55:03
cve
cve
CVE-2022-38453
2022-09-13 15:15:08
prion
prion
Code injection
2022-09-13 15:15:00
ics
ics
Contec Health CMS8000
2022-09-01 12:00:00
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS
0
Percentile
10.4%
Related for NVD:CVE-2022-38453