Lucene search

MitreCVE-2022-44039

HistoryDec 05, 2022 - 9:15 p.m.

CVE-2022-44039

2022-12-0521:15:10

CWE-863

mitre

web.nvd.nist.gov

cve

security

vulnerability

franklin fueling system

ffs colibri

file system overwrite

remote attack

privilege escalation

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.003

Percentile

69.0%

JSON

Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ¶¶ An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of “fopen” system function with the mode “wb” which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password.

Affected configurations

Nvd

Node

franklinfuelingcolibri_firmwareMatch1.9.22.8925

VendorProductVersionCPE
franklinfuelingcolibri_firmware1.9.22.8925cpe:2.3:o:franklinfueling:colibri_firmware:1.9.22.8925:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
franklinfueling	colibri_firmware	1.9.22.8925	cpe:2.3:o:franklinfueling:colibri_firmware:1.9.22.8925:::::::*

References

pastebin.com/raw/64stbsWu

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.003

Percentile

69.0%

JSON

Related for CVE-2022-44039