Vulnerabilities > CVE-2022-2642 - Excessive Reliance on Global Variables vulnerability in Hornerautomation Rcc972 Firmware 15.40

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

hornerautomation

CWE-1108

NVD

Published: 2022-12-02

Updated: 2022-12-06

Summary

Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.

Vulnerable Configurations

Part	Description	Count
OS	Hornerautomation Hornerautomation Rcc972 Firmware 15.40	1
Hardware	Hornerautomation Hornerautomation Rcc972 -	1

Common Weakness Enumeration (CWE)

CWE-1108 - Excessive Reliance on Global Variables

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-335-02