PT-2022-27088 · Franklin Fueling Systems · Ffs Colibri

Cyber Guy +1 · Published 2022-12-05 · Updated 2022-12-07 · CVE-2022-44039

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Franklin Fueling Systems FFS Colibri version 1.9.22.8925

Description

The issue allows an attacker to overwrite system files, such as system.conf and passwd, because the software makes insecure use of the fopen function with the mode wb, which overwrites a file if it already exists. An attacker can use this to escalate privileges by planting a backdoor user with root privilege or by changing the root password.

Recommendations

For Franklin Fueling Systems FFS Colibri version 1.9.22.8925, consider disabling the use of the fopen function with the mode wb until a patch is available, to prevent the overwriting of system files. Restrict access to sensitive files such as system.conf and passwd to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
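A hardened alternative to the fopen "wb" pattern described above, as an added example (not Franklin Fueling Systems code and not taken from this advisory). The function names, the 64-character name limit and the caller-supplied storage directory are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Accept only a bare file name: no path separators, no "." or "..".
 * The 64-character limit is an assumption for this example. */
static int name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0' || strlen(name) > 64)
        return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    return strchr(name, '/') == NULL;
}

/* Replacement for fopen(path, "wb"), which truncates an existing file.
 * Creates `name` inside `dir_path` only and refuses to touch anything
 * that already exists. Returns 0 on success, -1 on error (errno set). */
int save_new_file(const char *dir_path, const char *name,
                  const void *data, size_t len)
{
    if (!name_is_safe(name)) { errno = EINVAL; return -1; }

    int dfd = open(dir_path, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (dfd < 0) return -1;

    /* O_EXCL: fail with EEXIST instead of overwriting.
     * O_NOFOLLOW: do not follow a symlink planted under that name. */
    int fd = openat(dfd, name,
                    O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
    int saved = errno;
    close(dfd);
    if (fd < 0) { errno = saved; return -1; }

    const char *p = data;
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0 && errno == EINTR) continue;
        if (n < 0) { saved = errno; close(fd); errno = saved; return -1; }
        p += n;
        len -= (size_t)n;
    }
    return close(fd);
}
```

Running the writing process as an unprivileged user, so that system.conf and passwd are not writable by it at all, complements this check.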

Exploit

Weakness Enumeration: Incorrect Authorization

Related Identifiers: CVE-2022-44039

Affected Products: Ffs Colibri