CVE-2022-3575

Published: Nov 2, 2022Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: info@cert.vde.com (Secondary)

Description

Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 v2.8.0 to v2.9.1 are vulnerable to malicious code upload without authentication by using the configuration upload function. This could lead to a complete compromise of the FDS102 device.

Affected (6)

Products: Frauscher: Frauscher Diagnostic System 102

Frauscher

1 product

Frauscher Diagnostic System 102

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Frauscher Frauscher Diagnostic System 102	Version 2.8.0
Frauscher Frauscher Diagnostic System 102	Version 2.8.0
Frauscher Frauscher Diagnostic System 102	Version 2.9.0
Frauscher Frauscher Diagnostic System 102	Version 2.9.0
Frauscher Frauscher Diagnostic System 102	Version 2.9.1
Frauscher Frauscher Diagnostic System 102	Version 2.9.1

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

https://www.frauscher.com/en/psirt

Source: info@cert.vde.com

Vendor Advisory

https://www.frauscher.com/en/psirt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.