Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:15 a.m.8 views

CVE-2023-3243

UNSUPPORTED WHEN ASSIGNED An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommended fix: Upgrade to a...

9.8CVSS7AI score0.00606EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.9 views

CVE-2022-30242

Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller...

6.8CVSS6.6AI score0.01162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:47 p.m.7 views

CVE-2022-30244

Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program...

8CVSS7.2AI score0.01358EPSS
Exploits0References1
NVD
NVD
added 2023/06/28 9:15 p.m.21 views

CVE-2023-3243

UNSUPPORTED WHEN ASSIGNED An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommended fix: Upgrade to a...

9.8CVSS9AI score0.00606EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/28 8:23 p.m.32 views

CVE-2023-3243

UNSUPPORTED WHEN ASSIGNED An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommended fix: Upgrade to a...

8.3CVSS9.6AI score0.00606EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/28 12:0 a.m.7 views

PT-2023-23789 · Alerton · Alerton Acm

Name of the Vulnerable Software and Affected Versions: BCM-WEB version 3.3.X Description: An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Recommendation...

9.8CVSS7.3AI score0.00606EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/07/15 12:15 p.m.3 views

CVE-2022-30242

Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller...

6.8CVSS6.7AI score0.01162EPSS
Exploits0References4
NVD
NVD
added 2022/07/15 12:15 p.m.25 views

CVE-2022-30242

Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller...

6.8CVSS0.01162EPSS
Exploits0References3
OSV
OSV
added 2022/07/15 12:15 p.m.3 views

CVE-2022-30242

Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller...

6.8CVSS5.8AI score0.01162EPSS
Exploits0References3
NVD
NVD
added 2022/07/15 12:15 p.m.20 views

CVE-2022-30244

Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program...

8CVSS0.01358EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/07/15 11:40 a.m.25 views

CVE-2022-30244

Honeywell Alerton Ascent Control Module ACM through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program...

8.1AI score0.01358EPSS
Exploits0References3
CVE
CVE
added 2022/07/15 11:40 a.m.73 views

CVE-2022-30244

The CVE-2022-30244 vulnerability affects Honeywell Alerton Ascent Control Module (ACM) up to 2022-05-04. It allows unauthenticated, remote programming writes, enabling an attacker to store and execute code on the controller without verification by sending a crafted packet to change or stop the pr...

8CVSS7.8AI score0.01358EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder