PT-2022-17177 · Unknown · Axeda Desktop Server For Windows+1

Elad Luz

Published

2022-03-16

Updated

2022-03-28

CVE-2022-25248

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Axeda agent (All versions) Axeda Desktop Server for Windows (All versions)

Description The issue concerns the Axeda agent and Axeda Desktop Server for Windows, where they supply the event log of a specific service when connecting to a certain port.

Recommendations For Axeda agent (All versions), consider restricting access to the event log to minimize potential risks. For Axeda Desktop Server for Windows (All versions), restrict access to the specific service's event log until a more detailed fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2022-25248

Affected Products

Axeda Desktop Server For Windows

Axeda Agent

PT-2022-17177 · Unknown · Axeda Desktop Server For Windows+1

CVE-2022-25248

Weakness Enumeration

Related Identifiers

Affected Products

References · 4