Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.7 views

CVE-2022-0715

A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series SMT Series ID=18: UPS 09.8 and prior / SMT Series...

9.1CVSS6.9AI score0.05802EPSS
Exploits0References1
NVD
NVD
added 2022/03/09 8:15 p.m.29 views

CVE-2022-0715

A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series SMT Series ID=18: UPS 09.8 and prior / SMT Series...

9.1CVSS0.05802EPSS
Exploits0References1
OSV
OSV
added 2022/03/09 8:15 p.m.5 views

CVE-2022-0715

A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series SMT Series ID=18: UPS 09.8 and prior / SMT Series...

9.1CVSS5.8AI score0.05802EPSS
Exploits0References1
CVE
CVE
added 2022/03/09 7:30 p.m.83 views

CVE-2022-0715

CVE-2022-0715 describes an improper authentication vulnerability in Schneider Electric APC Smart-UPS devices across multiple series (SMT/SMC/SCL/SMX/SRT and SmartConnect/SMTL), where a leaked key could authorize uploading unsigned firmware, allowing an attacker to arbitrarily change UPS behavior....

9.1CVSS9.2AI score0.05802EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder