CVE-2022-30627
Last modified
CVE-2022-30627 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127, update_b5_v2.0.9_b20200706. This vulnerability makes it possible to extract from the FW the existing user passwords on their operating systems and passwords.. EPSS estimates a 0.26% chance of exploitation in the next 30 days.
Description
This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127, update_b5_v2.0.9_b20200706. This vulnerability makes it possible to extract from the FW the existing user passwords on their operating systems and passwords.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Chcnav | P5e Gnss Firmware | 4.1 |
| Chcnav | P5e Gnss Firmware | 4.2 |
| Chcnav | P5e Gnss Firmware | update_b5_v2.0.9_b20200706 |
| Chcnav | P5e Gnss Firmware | update_i50_v1.0.55_b20200509 |
| Chcnav | P5e Gnss Firmware | update_i90_cv2.021_b20210104 |
| Chcnav | P5e Gnss Firmware | update_x6_v2.1.2_b202001127 |
References
- https://www.gov.il/en/Departments/faq/cve_advisoriesThird Party Advisory
- https://www.gov.il/en/Departments/faq/cve_advisoriesThird Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-30627?
How severe is CVE-2022-30627?
How do I fix CVE-2022-30627?
Are you affected by CVE-2022-30627?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST