PT-2022-21739 · L2Blocker · L2Blocker

Published: 2022-06-27 · Updated: 2022-07-07 · CVE-2022-33202

CVSS v3.1: 8.1 High

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

L2Blocker(on-premise) versions 4.8.5 and earlier
L2Blocker(Cloud) versions 4.8.5 and earlier

Description

The issue allows an adjacent attacker to bypass authentication in the setup screen, potentially leading to unauthorized login, access to stored information, or device malfunction. The bypass is achieved by using alternative paths or channels for the Sensor.

Recommendations

For both L2Blocker(on-premise) and L2Blocker(Cloud) versions 4.8.5 and earlier, update to a version later than 4.8.5 to resolve the issue. As a temporary workaround, consider restricting access to the setup screen to minimize the risk of exploitation.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2022-33202

Affected Products

L2Blocker