Lucene search
IcscertCVE-2022-3386HistoryOct 27, 2022 - 9:15 p.m.
CVE-2022-3386
2022-10-2721:15:13
CWE-787
CWE-121
icscert
web.nvd.nist.gov
39
cve-2022-3386
advantech r-seenet
buffer overflow
stack-based
remote code execution
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.003
Percentile
70.1%
Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution.
Affected configurations
Node
advantechr-seenetRange≤2.4.17
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "R-SeeNet",
"vendor": "Advantech",
"versions": [
{
"lessThanOrEqual": "2.4.17",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2022-3386
2022-10-27 20:34:44
nvd
nvd
CVE-2022-3386
2022-10-27 21:15:13
prion
prion
Stack overflow
2022-10-27 21:15:00
cnvd
cnvd
Advantech R-SeeNet Stack Buffer Overflow Vulnerability
2022-10-24 00:00:00
zdi
zdi
ics
ics
Advantech R-SeeNet
2022-10-18 12:00:00
thn
thn
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.003
Percentile
70.1%
Related for CVE-2022-3386