CVE-2022-31482

Published Jun 6, 2022

Last updated 2 years ago

CVSS high 7.5

Overview

Description: An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. The overflowed data leads to segmentation fault and ultimately a denial-of-service condition, causing the device to reboot. The impact of this vulnerability is that an unauthenticated attacker could leverage this flaw to cause the target device to become unresponsive. An attacker could automate this attack to achieve persistent DoS, effectively rendering the target controller useless.
Source: productsecurity@carrier.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-120
productsecurity@carrier.com: CWE-120

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hidglobal:lp1501_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35999FD6-AC96-446D-8A53-F976B1E77CAD",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hidglobal:lp1501:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B9DC3EC5-C67D-4FE5-8B53-04AB785588FE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hidglobal:lp1502_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91D69F6B-3372-4B8C-BA65-8D06150B0332",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hidglobal:lp1502:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "902FDABA-C5D0-4CAE-BBDF-E4338D3A4DAF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hidglobal:lp2500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94431442-0D7F-422F-8AB8-7F7BF6069134",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hidglobal:lp2500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AAC2A69E-BF7D-448B-8347-19CFFABED15A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hidglobal:lp4502_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A199648-AE0D-44CB-82A8-A8265A7C71F2",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hidglobal:lp4502:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "22147A65-6ADE-46F3-AFF8-E46CE81D6E8B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hidglobal:ep4502_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "166388C7-1B28-42C1-941C-55B54EB311FB",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:hidglobal:ep4502:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F9A28A38-C57D-4FC6-8CAA-0011AF06D290"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_lnl-4420_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D07F4655-BF3F-4AF6-A05E-B9CF03F8F9D3",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_lnl-4420:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "36855319-E36B-47C3-B27E-E1509D1C9D4D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_lnl-x2210_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "655117A6-848B-4F24-9315-C72926BE4633",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_lnl-x2210:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3B091C8F-2C3A-47C9-92AC-550D977F781A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_lnl-x2220_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CCACB0A-D4AD-4D2C-8511-0F83B124C810",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_lnl-x2220:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "15FD8460-39D0-46C4-9F04-EB3B6C72767A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_lnl-x3300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0726F2A-43BF-4D32-A1B7-97D67A3BDC2B",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_lnl-x3300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "389BE7A1-1B57-4097-9AAF-A6931C06BA15"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_lnl-x4420_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2FFA3E9-5658-4A94-BFA4-652595F2581C",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_lnl-x4420:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2BC2BAEA-E139-47C2-9A8F-857AB1C7D54B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_s2-lp-1501_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF902078-8407-403D-8226-1614E1982CD7",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_s2-lp-1501:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3183C665-CD31-446D-8D95-908148675D25"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_s2-lp-1502_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A703D6D9-C649-41C5-9C64-1E8FE3588B6A",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_s2-lp-1502:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "93B38941-79D8-41E7-9763-989C0C3B6139"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_s2-lp-2500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2544AB9B-EDE0-4738-BA09-C652E58FDC6A",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_s2-lp-2500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1724D78F-EE79-4E48-BDB2-D399C573F42D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:carrier:lenels2_s2-lp-4502_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D68BAE0-DB10-42FD-885A-CEE8CFA36BEC",
            "versionEndExcluding": "1.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:carrier:lenels2_s2-lp-4502:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "115129D2-5134-4BCD-B5D0-263F4687B59D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References