CVE-2022-22805

Published Mar 9, 2022

Last updated 3 years ago

Overview

Description: A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
Source: cybersecurity@se.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

cybersecurity@se.com: CWE-120
nvd@nist.gov: CWE-120

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:schneider-electric:smt_series_1015_ups_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C3EA55B-DB09-4124-A9D9-A92431C38D1F",
            "versionEndIncluding": "04.5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:schneider-electric:smt_series_1015_ups:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "95C1E3D9-606B-4C57-A4E7-0A45C9D46332"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:schneider-electric:smc_series_1018_ups_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFE2D844-ED18-44D3-9E75-4BB3082E4B51",
            "versionEndIncluding": "04.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:schneider-electric:smc_series_1018_ups:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "154E788E-173C-4D16-A492-B61D39D420EF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:schneider-electric:smtl_series_1026_ups_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE693F05-B0A7-452D-94C6-D36E37ACF6CB",
            "versionEndIncluding": "02.9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:schneider-electric:smtl_series_1026_ups:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6B138EB4-6264-4BFA-B4C7-4B23FFA676B1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:schneider-electric:scl_series_1029_ups_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2E0803A-637E-4BBA-B9D5-AB59EE122844",
            "versionEndIncluding": "02.5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:schneider-electric:scl_series_1029_ups:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4175BEC7-DA4D-4E19-A642-A5FC13D3598E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:schneider-electric:scl_series_1030_ups_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "469F9813-DE0E-4752-91EB-FECC001C6825",
            "versionEndIncluding": "02.5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:schneider-electric:scl_series_1030_ups:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E8DC43CB-66C0-469B-AF87-0120D6280584"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:schneider-electric:scl_series_1036_ups_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22E4C951-876D-46F7-8CF4-D943464E8338",
            "versionEndIncluding": "02.5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:schneider-electric:scl_series_1036_ups:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9FB7E0EB-AF6D-4107-B343-50309E9DF03E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:schneider-electric:scl_series_1037_ups_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E52A522-88D4-4B6A-83B4-C56C093C7F54",
            "versionEndIncluding": "03.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:schneider-electric:scl_series_1037_ups:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "04C627CE-E3F8-4E3F-8B93-07C92AA21296"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:schneider-electric:smx_series_1031_ups_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6251AE4E-FFED-4B0C-A90B-A3BD852A2ED8",
            "versionEndIncluding": "03.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:schneider-electric:smx_series_1031_ups:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9E1E7040-8123-483C-AE62-F190D83D0ADC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References