Unrated severityNVD Advisory· Published Mar 9, 2022· Updated Aug 3, 2024
CVE-2022-22805
CVE-2022-22805
Description
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
Affected products
2- Range: SMT Series: UPS 04.5 and prior; SMC Series: UPS 04.2 and prior; SMTL Series: UPS 02.9 and prior; SCL Series: UPS 02.5 and prior / 03.1 and prior; SMX Series: UPS 03.1 and prior
- Schneider Electric/SmartConnectv5Range: SMT Series
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.se.com/ww/en/download/document/SEVD-2022-067-02/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.