Vulnerabilities > CVE-2022-25785 - Out-of-bounds Write vulnerability in Secomea products

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

secomea

CWE-787

NVD

Published: 2022-05-04

Updated: 2022-05-11

Summary

Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7.

Vulnerable Configurations

Part	Description	Count
OS	Secomea Secomea Sitemanager 1129 Firmware - Secomea Sitemanager 1129 Firmware 9.2C Secomea Sitemanager 1139 Firmware - Secomea Sitemanager 1139 Firmware 9.2C Secomea Sitemanager 1149 Firmware - Secomea Sitemanager 1149 Firmware 9.2C Secomea Sitemanager 3329 Firmware - Secomea Sitemanager 3329 Firmware 9.2C Secomea Sitemanager 3339 Firmware - Secomea Sitemanager 3339 Firmware 9.2C Secomea Sitemanager 3349 Firmware - Secomea Sitemanager 3349 Firmware 9.2C Secomea Sitemanager 3529 Firmware - Secomea Sitemanager 3529 Firmware 9.2C Secomea Sitemanager 3539 Firmware - Secomea Sitemanager 3539 Firmware 9.2C Secomea Sitemanager 3549 Firmware - Secomea Sitemanager 3549 Firmware 9.2C	18
Hardware	Secomea Secomea Sitemanager 1129 - Secomea Sitemanager 1139 - Secomea Sitemanager 1149 - Secomea Sitemanager 3329 - Secomea Sitemanager 3339 - Secomea Sitemanager 3349 - Secomea Sitemanager 3529 - Secomea Sitemanager 3539 - Secomea Sitemanager 3549 -	9

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.secomea.com/support/cybersecurity-advisory/