Risk | High |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2022-2640 CVE-2022-2641 CVE-2022-2642 |
CWE-ID | CWE-326 CWE-321 CWE-1108 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
RCC 972 Hardware solutions / Routers & switches, VoIP, GSM, etc |
Vendor | Horner Automation |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU69830
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2640
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the config-files are encrypted with weak XOR encryption. A remote attacker can obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).
MitigationInstall updates from vendor's website.
Vulnerable software versionsRCC 972: 15.40
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-335-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU69831
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2641
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected product has a static encryption key on the device. A remote attacker can execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRCC 972: 15.40
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-335-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU69832
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2642
CWE-ID:
CWE-1108 - Excessive Reliance on Global Variables
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected device contains global variables. A remote attacker can read out sensitive values and variable keys from the device.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRCC 972: 15.40
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-22-335-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.