CVE-2022-2103
published 2022-06-24CVE-2022-2103: An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable…
PriorityP352critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
0.96%
57.1th percentile
An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | microsoft_endpoint_configuration_manager | — | — |
| secheron | sepcos_control_and_protection_relay_firmware | >= 1.23.0 < 1.23.21 | 1.23.21 |
| secheron | sepcos_control_and_protection_relay_firmware | >= 1.24.0 < 1.24.8 | 1.24.8 |
| secheron | sepcos_control_and_protection_relay_firmware | >= 1.25.0 < 1.25.3 | 1.25.3 |
| secheron | sepcos_control_and_protection_relay_firmware_package | >= All versions < 1.23.21 | 1.23.21 |
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:P/A:N
vendor_msrc7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-87qv-j2hp-j3f6: An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely e
ghsa_unreviewed·2022-06-25
CVE-2022-2103 [CRITICAL] CWE-284 GHSA-87qv-j2hp-j3f6: An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely e
An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories.
Microsoft
Microsoft Endpoint Configuration Manager Spoofing Vulnerability
vendor_msrc·2022-09-13·CVSS 7.5
CVE-2022-37972 [HIGH] Microsoft Endpoint Configuration Manager Spoofing Vulnerability
Microsoft Endpoint Configuration Manager Spoofing Vulnerability
FAQ: How do I get the update?
The update – KB 15498768 – will be listed in the Updates and Servicing node of the Configuration Manager console for customers running Microsoft Endpoint Configuration Manager, versions 2103 – 2207.
Environments using versions of Configuration Manager current branch prior to 2103 are encouraged to update to a later supported version. Administrators can also disable use of automatic and manual client push installation methods to remove the risk of exposure to this issue. Refer to Support for Configuration Manager current branch versions.
FAQ: What is Microsoft Endpoint Configuration Manager?
Microsoft Endpoint Configuration Manager is an on-premises management solution to manage desktops, servers
CISA ICS
Secheron SEPCOS Control and Protection Relay
cisa_ics·2022-06-23
Secheron SEPCOS Control and Protection Relay
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Secheron SEPCOS Control and Protection Relay
Last RevisedJune 23, 2022
Alert CodeICSA-22-174-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.9
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Secheron
- Equipment: SEPCOS Control and Protection Relay
- Vulnerabilities: Improper Enforcement of Behavioral Workflow, Lack of Administrator Control over Security, Improper Privilege Management, Insufficiently Protected Credentials, Improper Access Control
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to obtain full, root acc
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-06-24
Published