Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-41989
HistoryJan 18, 2023 - 1:15 a.m.

CVE-2022-41989

2023-01-1801:15:11
CWE-787
[email protected]
web.nvd.nist.gov
sewio rtls studio
communication
vulnerability
denial of service
code execution

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.1%

JSON

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service condition or code execution.

Affected configurations

NVD
Node
sewioreal-time_location_system_studioRange2.0.0.2.6.2

Related

prion 1
cvelist 1
cve 1
thn 1
ics 1
prion
prion
Out-of-bounds
2023-01-18 01:15:00
cvelist
cvelist
CVE-2022-41989 CVE-2022-41989
2023-01-18 00:30:13
cve
cve
CVE-2022-41989
2023-01-18 01:15:11
thn
thn
CISA Warns of Flaws Affecting Industrial Control Systems from Major Manufacturers
2023-01-16 10:47:00
ics
ics
Sewio RTLS Studio
2023-01-12 12:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.1%

JSON
Related for NVD:CVE-2022-41989
prion1cvelist1cve1thn1ics1