← back
CVE-2022-43483

CVE-2022-43483

CVSS 9.1 CRITICALEPSS 1.2%CWE-78
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.1EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Jan 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected products
Sewio · RTLS Studio

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01