CVE-2022-31483
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.8%
An authenticated attacker can upload a file with a filename including “…” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.271. This allows a malicious actor to overwrite sensitive system files and install a startup service to gain remote access to the underlaying Linux operating system with root privileges.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| hidglobal:lp1501_firmware | hidglobal lp1501 firmware | lt | 1.271 |
CNA Affected
[
{
"product": "LNL-X2210",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "LNL-X2220",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "LNL-X3300",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "LNL-X4420",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "LNL-4420",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "S2-LP-1501",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "S2-LP-1502",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "S2-LP-2500",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "S2-LP-4502",
"vendor": "LenelS2",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "LP1501",
"vendor": "HID Mercury",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "LP1502",
"vendor": "HID Mercury",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "LP2500",
"vendor": "HID Mercury",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "LP4502",
"vendor": "HID Mercury",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
},
{
"product": "EP4502",
"vendor": "HID Mercury",
"versions": [
{
"lessThan": "1.271",
"status": "affected",
"version": "ALL",
"versionType": "custom"
}
]
}
]Social References
More
Related
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.8%