CVE-2022-36443

Published: Jan 10, 2023Modified: May 30, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wireless and SD card) but it is still possible to use a physical connection (Ethernet cable) without restriction.

Affected (1)

Products: Zebra: Enterprise Home Screen

1 product

Enterprise Home Screen

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Zebra Enterprise Home Screen	Version 4.1.19

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (5)

https://cds.thalesgroup.com/en/tcs-cert/CVE-2022-36443

Source: cve@mitre.org

https://excellium-services.com/cert-xlm-advisory/CVE-2022-36443

Source: cve@mitre.org

Third Party Advisory

https://www.zebra.com/us/en/products/software/mobile-computers/mobile-app-utilities/enterprise-home-screen.html

Source: cve@mitre.org

Product

https://excellium-services.com/cert-xlm-advisory/CVE-2022-36443

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.zebra.com/us/en/products/software/mobile-computers/mobile-app-utilities/enterprise-home-screen.html

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.