CVE-2022-26392

CVSS v3 3.1 LOW

3.1^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.6 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

T

he Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information.

References

Link	Resource
https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx	Broken Link
https://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01	Third Party Advisory US Government Resource
https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx	Broken Link

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware::::::::
	cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16:::::::*
	cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16d38:::::::*
	cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17:::::::*
	cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17d19:::::::*

cpe:2.3:h:baxter:spectrum_wireless_battery_module:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:baxter:sigma_spectrum_35700bax_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:baxter:sigma_spectrum_35700bax:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:baxter:sigma_spectrum_35700bax2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:baxter:sigma_spectrum_35700bax2:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:baxter:baxter_spectrum_iq_35700bax3_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:baxter:baxter_spectrum_iq_35700bax3:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:53

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~6.5~~	v2 : unknown v3 : 3.1
References	~~() https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx - Broken Link~~	() https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx - Broken Link

Information

Published : 2022-09-09 15:15

Updated : 2024-11-21 06:53

NVD link : CVE-2022-26392

Mitre link : CVE-2022-26392

CVE.ORG link : CVE-2022-26392

JSON object : View

Products Affected

CWE

CWE-134

Use of Externally-Controlled Format String

{"id": "CVE-2022-26392", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.6}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-09-09T15:15:09.543", "references": [{"url": "https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "[email protected]"}, {"url": "https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-134"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-134"}]}], "descriptions": [{"lang": "en", "value": "The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information."}, {"lang": "es", "value": "Baxter Spectrum WBM (v16, v16D38) y Baxter Spectrum WBM (v17, v17D19, v20D29 a v20D32) cuando est\u00e1n en modo superusuario son susceptibles de ataques de cadena de formato por medio de mensajes de aplicaci\u00f3n. Un atacante podr\u00eda usar esto para leer la memoria del WBM y acceder a informaci\u00f3n confidencial"}], "lastModified": "2024-11-21T06:53:53.933", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34DB00B2-DE3D-4D7B-9F03-35060096C37C", "versionEndIncluding": "20d32", "versionStartIncluding": "20d29"}, {"criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "719496E8-9020-456F-8CCC-FDFE10CF2820"}, {"criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:16d38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03DA9071-305A-4319-9807-1BD6F9EB8FDB"}, {"criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C68B374-58AD-4E71-9B83-3CA0241B8A4A"}, {"criteria": "cpe:2.3:o:baxter:spectrum_wireless_battery_module_firmware:17d19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85202DB1-56E1-43C6-81BC-C141862D72C0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:baxter:spectrum_wireless_battery_module:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "15E8AA9C-1024-482D-8636-551486698A8C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:baxter:sigma_spectrum_35700bax_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1354B2D0-A259-4832-BB3D-BD9C157FB5C0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:baxter:sigma_spectrum_35700bax:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2EAFF022-6879-4734-9AEB-DE45E6E235DE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:baxter:sigma_spectrum_35700bax2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2715381-CA8F-416B-B9AD-9CDBDC181338"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:baxter:sigma_spectrum_35700bax2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "576C9566-DA3F-43E8-B4E8-C5DEF3B06696"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:baxter:baxter_spectrum_iq_35700bax3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89AFD13D-97D8-40A5-B36B-9B65229302B1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:baxter:baxter_spectrum_iq_35700bax3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "71D6364A-9707-4BB0-8808-AF3314026A79"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}