Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the service_start, service_stop, and service_restart modules of the software. This could allow an attacker to start, stop, or restart arbitrary services running on the server.
References
| Link | Resource |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01 | Third Party Advisory US Government Resource |
| https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01 | Third Party Advisory US Government Resource |
Configurations
History
21 Nov 2024, 07:26
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01 - Third Party Advisory, US Government Resource | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
07 Nov 2023, 03:53
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the service_start, service_stop, and service_restart modules of the software. This could allow an attacker to start, stop, or restart arbitrary services running on the server. |
Information
Published : 2023-01-18 01:15
Updated : 2024-11-21 07:26
NVD link : CVE-2022-43455
Mitre link : CVE-2022-43455
CVE.ORG link : CVE-2022-43455
JSON object : View
Products Affected
sewio
- real-time_location_system_studio
CWE
CWE-20
Improper Input Validation