History: Jun 24, 2022 - 3:00 p.m.

CVE-2022-1667 Secheron SEPCOS Control and Protection Relay

2022-06-24 15:00:30
CWE-841
icscert
www.cve.org
cve-2022-1667
client-side javascript
plc reboot
browser accessible php

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.001
Percentile: 36.6%

Client-side JavaScript controls may be bypassed by directly running a JS function to reboot the PLC (e.g., from the browser console) or by loading the corresponding, browser-accessible PHP script.

CNA Affected

[
  {
    "product": "SEPCOS Control and Protection Relay firmware package",
    "vendor": "Secheron",
    "versions": [
      {
        "changes": [
          {
            "at": "1.24.8",
            "status": "unaffected"
          },
          {
            "at": "1.25.3",
            "status": "unaffected"
          }
        ],
        "lessThan": "1.23.21",
        "status": "affected",
        "version": "All versions",
        "versionType": "custom"
      }
    ]
  }
]
