Vulnerabilities > CVE-2022-2642 - Excessive Reliance on Global Variables vulnerability in Hornerautomation Rcc972 Firmware 15.40

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
hornerautomation
CWE-1108

Summary

Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.

Vulnerable Configurations

Part Description Count
OS
Hornerautomation
1
Hardware
Hornerautomation
1

Common Weakness Enumeration (CWE)