// For flags

CVE-2022-2591

TEM FLEX-1085 reboot denial of service

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability classified as critical has been found in TEM FLEX-1085 1.6.0. Affected is an unknown function of the file /sistema/flash/reboot. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Se ha encontrado una vulnerabilidad clasificada como crítica en TEM FLEX-1085 versión 1.6.0. Está afectada una función desconocida del archivo /sistema/flash/reboot. La manipulación conlleva a una denegación de servicio. Es posible lanzar el ataque de forma remota. La explotación ha sido divulgada al público y puede ser usada

FLEX versions prior to 1085 Web 1.6.0 suffer from a denial of service vulnerability.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-07-31 CVE Reserved
  • 2022-07-31 CVE Published
  • 2023-05-13 First Exploit
  • 2024-03-07 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-404: Improper Resource Shutdown or Release
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tem
Search vendor "Tem"
 Flex-1085 Firmware
Search vendor "Tem" for product "Flex-1085 Firmware"
 1.6.0
Search vendor "Tem" for product "Flex-1085 Firmware" and version "1.6.0"
-
Affected
in Tem
Search vendor "Tem"
 Flex-1085
Search vendor "Tem" for product "Flex-1085"
--
Safe