CVE-2022-2640

{"id": "CVE-2022-2640", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-12-02T20:15:12.550", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-326"}]}], "descriptions": [{"lang": "en", "value": "The Config-files of Horner Automation\u2019s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP)."}, {"lang": "es", "value": "Los archivos de configuraci\u00f3n del RCC 972 de Horner Automation con la versi\u00f3n de firmware 15.40 est\u00e1n cifrados con un cifrado XOR d\u00e9bil y vulnerable a la ingenier\u00eda inversa. Esto podr\u00eda permitir a un atacante obtener credenciales para ejecutar servicios como el Protocolo de transferencia de archivos (FTP) y el Protocolo de transferencia de hipertexto (HTTP)."}], "lastModified": "2024-11-21T07:01:25.450", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hornerautomation:rcc972_firmware:15.40:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED633A76-0083-4FCB-8FF3-D0AF4CC58768"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hornerautomation:rcc972:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0FF8A08F-B51C-419A-A74D-02F636C19DA9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}