PT-2022-2791 · Unknown · Wiser Controller Eer21000+2

Published

2022-05-10

Updated

2022-06-13

CVE-2022-30236

CVSS v2.0

8.5

High

Vector

AV:N/AC:L/Au:N/C:C/I:P/A:N

Name of the Vulnerable Software and Affected Versions Wiser Smart versions prior to 4.5 Wiser Controller EER21000 versions prior to 4.5 Wiser Controller EER21001 versions prior to 4.5

Description The issue is related to incorrect resource transfer between spheres, which could allow an attacker to gain unauthorized access to protected information. This can be exploited through cross-domain attacks, potentially leading to unauthorized access.

Recommendations For Wiser Smart versions prior to 4.5, update to a version later than 4.5. For Wiser Controller EER21000 versions prior to 4.5, update to a version later than 4.5. For Wiser Controller EER21001 versions prior to 4.5, update to a version later than 4.5.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-669CWE-699

Related Identifiers

BDU:2022-03320

CVE-2022-30236

Affected Products

Wiser Controller Eer21000

Wiser Controller Eer21001

Wiser Smart

PT-2022-2791 · Unknown · Wiser Controller Eer21000+2

CVE-2022-30236

Weakness Enumeration

Related Identifiers

Affected Products

References · 7