CVE-2022-2005

moderate-risk
Published 2022-08-31

AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;

Do I need to act?

-
0.12% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (12)

C-More Ea9-T6Cl Firmware
C-More Ea9-T6Cl-R Firmware
C-More Ea9-T7Cl Firmware
C-More Ea9-T7Cl-R Firmware
C-More Ea9-T8Cl Firmware
C-More Ea9-T10Cl Firmware
C-More Ea9-T10Wcl Firmware
C-More Ea9-T12Cl Firmware
C-More Ea9-T15Cl Firmware
C-More Ea9-T15Cl-R Firmware
C-More Ea9-Rhmi Firmware
C-More Ea9-Pgmsw Firmware

Affected Vendors

Automationdirect

References (2)

Patch https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01
Patch https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01
43
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 0/34 · Minimal
Exposure 17/34 · Moderate