CVE-2022-2640
CVE-2022-2640
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 dic 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Productos afectados
Horner Automation · Remote Compact Controller (RCC) 972¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →