CVE-2022-44037
Last modified
CVE-2022-44037 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple attacks, such as attacking wireless network in the product's range.. EPSS estimates a 0.64% chance of exploitation in the next 30 days.
Description
An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple attacks, such as attacking wireless network in the product's range.
Metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apsystems | Ecu-C Firmware | c1.2.2 |
| Apsystems | Ecu-C Firmware | v3.11.4 |
| Apsystems | Ecu-C Firmware | v4.1na |
| Apsystems | Ecu-C Firmware | v4.1saa |
| Apsystems | Ecu-C Firmware | w2.1na |
References
- https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-44037Exploit, Third Party Advisory
- https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-44037Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-44037?
How severe is CVE-2022-44037?
How do I fix CVE-2022-44037?
Are you affected by CVE-2022-44037?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST