CVE-2022-2474

Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the “Ethernet Q Commands” service, which allows any user on the same network segment as the controller (even while connected remotely) to access the service and write unauthorized macros to the device.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-01 Third Party Advisory US Government Resource
Configurations

Configuration 1


Information

Published : 2022-10-28 06:15

Updated : 2022-11-02 03:44


NVD link : CVE-2022-2474

Mitre link : CVE-2022-2474

Products Affected
No products.
CWE