CVE-2022-40939

Name of the Vulnerable Software and Affected Versions Secustation versions V2.3.4.1301-M20-TSA-B20150617A through V2.5.5.3116-S50-SMA-B20190723A Secustation version V2.5.5.3116-S50-RXA-B20180502A Secustation version V2.5.5.3116-S50-SMB-B20161012A Secustation version V2.3.4.2103-S50-NTD-B20170508B Secustation version V2.5.5.3116-S50-SMB-B20160601A Secustation version V2.5.5.2601-S50-TSA-B20151229A Secustation version V2.5.5.3116-S50-SMA-B20170217A Secustation version V2.5.5.3116-S50-SMA-B20171107A

Description In certain Secustation products, the administrator account password can be read.

Recommendations For version V2.3.4.1301-M20-TSA-B20150617A, update to a version that fixes the issue. For version V2.5.5.3116-S50-RXA-B20180502A, update to a version that fixes the issue. For version V2.5.5.3116-S50-SMB-B20161012A, update to a version that fixes the issue. For version V2.3.4.2103-S50-NTD-B20170508B, update to a version that fixes the issue. For version V2.5.5.3116-S50-SMB-B20160601A, update to a version that fixes the issue. For version V2.5.5.2601-S50-TSA-B20151229A, update to a version that fixes the issue. For version V2.5.5.3116-S50-SMA-B20170217A, update to a version that fixes the issue. For version V2.5.5.3116-S50-SMA-B20171107A, update to a version that fixes the issue. For version V2.5.5.3116-S50-SMA-B20190723A, update to a version that fixes the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.