CVE-2022-46140
- EPSS 0.11%
- Veröffentlicht 13.12.2022 16:15:25
- Zuletzt bearbeitet 14.01.2025 11:15:10
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
CVE-2022-46142
- EPSS 0.07%
- Veröffentlicht 13.12.2022 16:15:25
- Zuletzt bearbeitet 14.01.2025 11:15:11
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
CVE-2022-46143
- EPSS 0.28%
- Veröffentlicht 13.12.2022 16:15:25
- Zuletzt bearbeitet 14.01.2025 11:15:11
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
CVE-2022-31766
- EPSS 0.33%
- Veröffentlicht 11.10.2022 11:15:09
- Zuletzt bearbeitet 10.04.2025 20:26:39
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), ...