Versio.io

CVE-2022-28223

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 30-03-2022 08:15
Last modified: - 05-04-2022 04:57
Total changes: - 2

Description

Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
High
Privileges required
Unchanged
Scope
None
User interaction
7.2
Base score
1.2
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=tekon AND product=kio_firmware AND versionEndIncluding=2022-03-30
OR
vendor=tekon AND product=kio AND version=-
AND
OR
vendor=tekon AND product=kio-1m_firmware AND versionEndIncluding=2022-03-30
OR
vendor=tekon AND product=kio-1m AND version=-
AND
OR
vendor=tekon AND product=kio-2mrs_firmware AND versionEndIncluding=2022-03-30
OR
vendor=tekon AND product=kio-2mrs AND version=-
AND
OR
vendor=tekon AND product=kio-2m_firmware AND versionEndIncluding=2022-03-30
OR
vendor=tekon AND product=kio-2m AND version=-
AND
OR
vendor=tekon AND product=kio-2ms_firmware AND versionEndIncluding=2022-03-30
OR
vendor=tekon AND product=kio-2ms AND version=-
AND
OR
vendor=tekon AND product=kio-2md_firmware AND versionEndIncluding=2022-03-30
OR
vendor=tekon AND product=kio-2md AND version=-
AND
OR
vendor=tekon AND product=kio-8\(4\)_firmware AND versionEndIncluding=2022-03-30
OR
vendor=tekon AND product=kio-8\(4\) AND version=-
AND
OR
vendor=tekon AND product=kio-8\(4\)l_firmware AND versionEndIncluding=2022-03-30
OR
vendor=tekon AND product=kio-8\(4\)l AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2022-28223

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.