Lucene search
IcscertCVE-2022-2333HistorySep 16, 2022 - 10:15 p.m.
CVE-2022-2333
2022-09-1622:15:10
CWE-427
icscert
web.nvd.nist.gov
32
2
cve-2022-2333
dll injection
code execution
honeywell softmaster
security vulnerability
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.7
Confidence
High
EPSS
0.001
Percentile
35.2%
If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions.
Affected configurations
Node
honeywellsoftmasterMatch4.51
| Vendor | Product | Version | CPE |
|---|---|---|---|
| honeywell | softmaster | 4.51 | cpe:2.3:a:honeywell:softmaster:4.51:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "SoftMaster",
"vendor": "Honeywell",
"versions": [
{
"status": "affected",
"version": "4.51"
}
]
}
]References
Social References
More
Related
prion
prion
Code injection
2022-09-16 22:15:00
githubexploit
githubexploit
Exploit for Uncontrolled Search Path Element in Honeywell Softmaster
2022-04-25 10:13:40
cvelist
cvelist
CVE-2022-2333 Honeywell SoftMaster Uncontrolled Search Path Element
2022-09-16 20:18:42
nvd
nvd
CVE-2022-2333
2022-09-16 22:15:10
ics
ics
Honeywell SoftMaster
2022-09-13 12:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.7
Confidence
High
EPSS
0.001
Percentile
35.2%
Related for CVE-2022-2333