CVE-2022-31482
Denial-of-Service via internal structure overflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. The overflowed data leads to segmentation fault and ultimately a denial-of-service condition, causing the device to reboot. The impact of this vulnerability is that an unauthenticated attacker could leverage this flaw to cause the target device to become unresponsive. An attacker could automate this attack to achieve persistent DoS, effectively rendering the target controller useless.
Un atacante no autenticado puede enviar una petición HTTP no autenticada especialmente diseñada al dispositivo que puede desbordar un búfer. Esta vulnerabilidad afecta a los productos basados en los controladores inteligentes HID Mercury LP1501, LP1502, LP2500, LP4502 y EP4502 que contienen versiones de firmware anteriores a la 1.29. El desbordamiento de datos conlleva un fallo de segmentación y, en última instancia, una condición de denegación de servicio, causando el reinicio del dispositivo. El impacto de esta vulnerabilidad es que un atacante no autenticado podría aprovechar este fallo para causar que el dispositivo de destino deje de responder. Un atacante podría automatizar este ataque para lograr un DoS persistente, inutilizando efectivamente el controlador de destino
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-05-23 CVE Reserved
- 2022-06-06 CVE Published
- 2023-11-17 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.corporate.carrier.com/product-security/advisories-resources | 2022-06-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hidglobal Search vendor "Hidglobal" | Lp1501 Firmware Search vendor "Hidglobal" for product "Lp1501 Firmware" | < 1.29 Search vendor "Hidglobal" for product "Lp1501 Firmware" and version " < 1.29" | - |
Affected
| in | Hidglobal Search vendor "Hidglobal" | Lp1501 Search vendor "Hidglobal" for product "Lp1501" | - | - |
Safe
|
| Hidglobal Search vendor "Hidglobal" | Lp1502 Firmware Search vendor "Hidglobal" for product "Lp1502 Firmware" | < 1.29 Search vendor "Hidglobal" for product "Lp1502 Firmware" and version " < 1.29" | - |
Affected
| in | Hidglobal Search vendor "Hidglobal" | Lp1502 Search vendor "Hidglobal" for product "Lp1502" | - | - |
Safe
|
| Hidglobal Search vendor "Hidglobal" | Lp2500 Firmware Search vendor "Hidglobal" for product "Lp2500 Firmware" | < 1.29 Search vendor "Hidglobal" for product "Lp2500 Firmware" and version " < 1.29" | - |
Affected
| in | Hidglobal Search vendor "Hidglobal" | Lp2500 Search vendor "Hidglobal" for product "Lp2500" | - | - |
Safe
|
| Hidglobal Search vendor "Hidglobal" | Lp4502 Firmware Search vendor "Hidglobal" for product "Lp4502 Firmware" | < 1.29 Search vendor "Hidglobal" for product "Lp4502 Firmware" and version " < 1.29" | - |
Affected
| in | Hidglobal Search vendor "Hidglobal" | Lp4502 Search vendor "Hidglobal" for product "Lp4502" | - | - |
Safe
|
| Hidglobal Search vendor "Hidglobal" | Ep4502 Firmware Search vendor "Hidglobal" for product "Ep4502 Firmware" | < 1.29 Search vendor "Hidglobal" for product "Ep4502 Firmware" and version " < 1.29" | - |
Affected
| in | Hidglobal Search vendor "Hidglobal" | Ep4502 Search vendor "Hidglobal" for product "Ep4502" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 Lnl-4420 Firmware Search vendor "Carrier" for product "Lenels2 Lnl-4420 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 Lnl-4420 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 Lnl-4420 Search vendor "Carrier" for product "Lenels2 Lnl-4420" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 Lnl-x2210 Firmware Search vendor "Carrier" for product "Lenels2 Lnl-x2210 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 Lnl-x2210 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 Lnl-x2210 Search vendor "Carrier" for product "Lenels2 Lnl-x2210" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 Lnl-x2220 Firmware Search vendor "Carrier" for product "Lenels2 Lnl-x2220 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 Lnl-x2220 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 Lnl-x2220 Search vendor "Carrier" for product "Lenels2 Lnl-x2220" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 Lnl-x3300 Firmware Search vendor "Carrier" for product "Lenels2 Lnl-x3300 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 Lnl-x3300 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 Lnl-x3300 Search vendor "Carrier" for product "Lenels2 Lnl-x3300" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 Lnl-x4420 Firmware Search vendor "Carrier" for product "Lenels2 Lnl-x4420 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 Lnl-x4420 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 Lnl-x4420 Search vendor "Carrier" for product "Lenels2 Lnl-x4420" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 S2-lp-1501 Firmware Search vendor "Carrier" for product "Lenels2 S2-lp-1501 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 S2-lp-1501 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 S2-lp-1501 Search vendor "Carrier" for product "Lenels2 S2-lp-1501" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 S2-lp-1502 Firmware Search vendor "Carrier" for product "Lenels2 S2-lp-1502 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 S2-lp-1502 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 S2-lp-1502 Search vendor "Carrier" for product "Lenels2 S2-lp-1502" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 S2-lp-2500 Firmware Search vendor "Carrier" for product "Lenels2 S2-lp-2500 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 S2-lp-2500 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 S2-lp-2500 Search vendor "Carrier" for product "Lenels2 S2-lp-2500" | - | - |
Safe
|
| Carrier Search vendor "Carrier" | Lenels2 S2-lp-4502 Firmware Search vendor "Carrier" for product "Lenels2 S2-lp-4502 Firmware" | < 1.29 Search vendor "Carrier" for product "Lenels2 S2-lp-4502 Firmware" and version " < 1.29" | - |
Affected
| in | Carrier Search vendor "Carrier" | Lenels2 S2-lp-4502 Search vendor "Carrier" for product "Lenels2 S2-lp-4502" | - | - |
Safe
|