CVE-2022-3027

The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, when the device attempts connecting to the malicious SSID, the device can be exploited to write arbitrary files or display incorrect information.

CVSS v3 5.7 MEDIUM

5.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.1 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsma-22-244-01	Mitigation Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:contechealth:cms8000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:contechealth:cms8000:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-09-13 15:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-3027

Mitre link : CVE-2022-3027

CVE.ORG link : CVE-2022-3027

JSON object : View

Products Affected

contechealth

cms8000_firmware
cms8000

CWE

NVD-CWE-noinfo CWE-284

Improper Access Control

{"id": "CVE-2022-3027", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.1}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.1}]}, "published": "2022-09-13T15:15:09.257", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-244-01", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, when the device attempts connecting to the malicious SSID, the device can be exploited to write arbitrary files or display incorrect information."}, {"lang": "es", "value": "El dispositivo CMS8000 no controla o sanea apropiadamente el nombre SSID de un nuevo punto de acceso Wi-Fi. Un actor de la amenaza podr\u00eda crear un SSID con un nombre malicioso, incluyendo caracteres no est\u00e1ndar que, cuando el dispositivo intenta conectarse al SSID malicioso, el dispositivo puede ser explotado para escribir archivos arbitrarios o mostrar informaci\u00f3n incorrecta"}], "lastModified": "2022-09-14T22:42:43.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:contechealth:cms8000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C197D62-6F35-4B87-A721-BDB696EA240F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:contechealth:cms8000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3A0CD9FA-68D7-4EEE-93A5-97275D84E2D3"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}