CVE Vulnerability

CVE-2022-22570

A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s (UA Lite) firmware (Version 3.8.28.24 and earlier) allows a malicious actor who has gained access to a network to control all connected UA devices. This vulnerability is fixed in Version 3.8.31.13 and later.

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

10 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://community.ui.com/releases/Security-Advisory-Bulletin-024-024/22725557-0f72-4f5d-83b0-f16252fcd4b7 Vendor Advisory
Configurations

Configuration 1
Information

Published : 2022-04-01 11:15

Updated : 2022-04-09 02:19

NVD link : CVE-2022-22570

Mitre link : CVE-2022-22570

Products Affected
No products.
CWE
CWE-120