Unrated severityNVD Advisory· Published Mar 9, 2022· Updated Aug 3, 2024
CVE-2022-22806
CVE-2022-22806
Description
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
Affected products
2- Range: <= various per series: SMT 04.5, SMC 04.2, SMTL 02.9, SCL 02.5/03.1, SMX 03.1
- Schneider Electric/SmartConnectv5Range: SMT Series
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.se.com/ww/en/download/document/SEVD-2022-067-02/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.