Lucene search
IcscertCVELIST:CVE-2022-2485HistoryAug 31, 2022 - 3:59 p.m.
CVE-2022-2485 AutomationDirect Stride Field I/O Cleartext Transmission of Sensitive Information
2022-08-3115:59:34
CWE-319
icscert
www.cve.org
4
cve-2022-2485
automationdirect
cleartext transmission
sensitive information
web browser
communication packets
CVSS3
9.6
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.001
Percentile
49.9%
Any attempt (good or bad) to log into AutomationDirect Stride Field I/O with a web browser may result in the device responding with its password in the communication packets.
CNA Affected
[
{
"product": "SIO-MB04RTDS",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.3.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO- MB04ADS",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.4.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB04THMS",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.5.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB08ADS-1",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.6.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB08ADS-2",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.7.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB08THMS",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.8.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB04DAS",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.11.3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB12CDR",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.0.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB16CDD2",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.1.4.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB16ND3",
"vendor": "AutomationDirect",
"versions": [
{
"lessThan": "8.2.4.00",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "SIO-MB12CDR",
"vendor": "AutomationDirect",
"versions": [
{
"status": "affected",
"version": "batch number (B/N) 5714442222"
}
]
},
{
"product": "SIO-MB04ADS",
"vendor": "AutomationDirect",
"versions": [
{
"status": "affected",
"version": "B/N 5714442222"
}
]
},
{
"product": "SIO-MB04THMS",
"vendor": "AutomationDirect",
"versions": [
{
"status": "affected",
"version": "B/N 57141862221"
}
]
},
{
"product": "SIO-MB04DAS",
"vendor": "AutomationDirect",
"versions": [
{
"status": "affected",
"version": "B/N 4714432222"
}
]
}
]Related
nvd
nvd
CVE-2022-2485
2022-08-31 16:15:10
prion
prion
Default credentials
2022-08-31 16:15:00
ics
ics
AutomationDirect Stride Field I/O
2022-07-26 12:00:00
cve
cve
CVE-2022-2485
2022-08-31 16:15:10
CVSS3
9.6
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.001
Percentile
49.9%
Related for CVELIST:CVE-2022-2485