// For flags

CVE-2022-22806

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)

Una CWE-294: se presenta una vulnerabilidad de Omisión de la Autenticación Mediante Captura-repetición que podría causar una conexión no autenticada al SAI cuando se envía una conexión malformada. Producto afectado: Familia SmartConnect: Serie SMT (SMT Series ID=1015: UPS 04.5 y anteriores), Serie SMC (SMC Series ID=1018: UPS 04.2 y anteriores), Serie SMTL (SMTL Series ID=1026: UPS 02.9 y anteriores), Serie SCL (SCL Series ID=1029: UPS 02. 5 y anteriores / SCL Series ID=1030: UPS 02.5 y anteriores / SCL Series ID=1036: UPS 02.5 y anteriores / SCL Series ID=1037: UPS 03.1 y anteriores), SMX Series (SMX Series ID=1031: UPS 03.1 y anteriores)

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-01-07 CVE Reserved
  • 2022-03-09 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-11-22 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-294: Authentication Bypass by Capture-replay
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Schneider-electric
Search vendor "Schneider-electric"
Smt Series 1015 Ups Firmware
Search vendor "Schneider-electric" for product "Smt Series 1015 Ups Firmware"
<= 04.5
Search vendor "Schneider-electric" for product "Smt Series 1015 Ups Firmware" and version " <= 04.5"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Smt Series 1015 Ups
Search vendor "Schneider-electric" for product "Smt Series 1015 Ups"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Smc Series 1018 Ups Firmware
Search vendor "Schneider-electric" for product "Smc Series 1018 Ups Firmware"
<= 04.2
Search vendor "Schneider-electric" for product "Smc Series 1018 Ups Firmware" and version " <= 04.2"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Smc Series 1018 Ups
Search vendor "Schneider-electric" for product "Smc Series 1018 Ups"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Smtl Series 1026 Ups Firmware
Search vendor "Schneider-electric" for product "Smtl Series 1026 Ups Firmware"
<= 02.9
Search vendor "Schneider-electric" for product "Smtl Series 1026 Ups Firmware" and version " <= 02.9"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Smtl Series 1026 Ups
Search vendor "Schneider-electric" for product "Smtl Series 1026 Ups"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Scl Series 1029 Ups Firmware
Search vendor "Schneider-electric" for product "Scl Series 1029 Ups Firmware"
<= 02.5
Search vendor "Schneider-electric" for product "Scl Series 1029 Ups Firmware" and version " <= 02.5"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Scl Series 1029 Ups
Search vendor "Schneider-electric" for product "Scl Series 1029 Ups"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Scl Series 1030 Ups Firmware
Search vendor "Schneider-electric" for product "Scl Series 1030 Ups Firmware"
<= 02.5
Search vendor "Schneider-electric" for product "Scl Series 1030 Ups Firmware" and version " <= 02.5"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Scl Series 1030 Ups
Search vendor "Schneider-electric" for product "Scl Series 1030 Ups"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Scl Series 1036 Ups Firmware
Search vendor "Schneider-electric" for product "Scl Series 1036 Ups Firmware"
<= 02.5
Search vendor "Schneider-electric" for product "Scl Series 1036 Ups Firmware" and version " <= 02.5"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Scl Series 1036 Ups
Search vendor "Schneider-electric" for product "Scl Series 1036 Ups"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Scl Series 1037 Ups Firmware
Search vendor "Schneider-electric" for product "Scl Series 1037 Ups Firmware"
<= 03.1
Search vendor "Schneider-electric" for product "Scl Series 1037 Ups Firmware" and version " <= 03.1"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Scl Series 1037 Ups
Search vendor "Schneider-electric" for product "Scl Series 1037 Ups"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Smx Series 1031 Ups Firmware
Search vendor "Schneider-electric" for product "Smx Series 1031 Ups Firmware"
<= 03.1
Search vendor "Schneider-electric" for product "Smx Series 1031 Ups Firmware" and version " <= 03.1"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Smx Series 1031 Ups
Search vendor "Schneider-electric" for product "Smx Series 1031 Ups"
--
Safe