← back
CVE-2022-24317

CVE-2022-24317

EPSS 1.2%CWE-862
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
09 Feb 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
Affected products
n/a · Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01https://www.zerodayinitiative.com/advisories/ZDI-22-324/