The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, when the device attempts connecting to the malicious SSID, the device can be exploited to write arbitrary files or display incorrect information.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsma-22-244-01 | Mitigation Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2022-09-01T00:00:00
Updated: 2022-09-13T14:54:58
Reserved: 2022-08-29T00:00:00
Link: CVE-2022-3027
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-13T15:15:09.257
Modified: 2022-09-14T22:42:43.970
Link: CVE-2022-3027
JSON object: View
Redhat Information
No data.