CVE-2022-3575

EUVD-2022-42939
Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 v2.8.0 to v2.9.1 are vulnerable to malicious code upload without authentication by using the configuration upload function. This could lead to a complete compromise of the FDS102 device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CERTVDECNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
frauscherfrauscher_diagnostic_system_102
2.8.0
frauscherfrauscher_diagnostic_system_102
2.8.0
frauscherfrauscher_diagnostic_system_102
2.9.0
frauscherfrauscher_diagnostic_system_102
2.9.0
frauscherfrauscher_diagnostic_system_102
2.9.1
frauscherfrauscher_diagnostic_system_102
2.9.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.frauscher.com/en/psirt
https://www.frauscher.com/en/psirt