PT-2022-2949 · Clipsal+1 · Clipsal Wiser For C-Bus Automation Controller+3
Published
2022-06-14
·
Updated
2023-02-08
·
CVE-2022-32513
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
C-Bus Network Automation Controller - LSS5500NAC versions prior to V1.10.0
Wiser for C-Bus Automation Controller - LSS5500SHAC versions prior to V1.10.0
Clipsal C-Bus Network Automation Controller - 5500NAC versions prior to V1.10.0
Clipsal Wiser for C-Bus Automation Controller - 5500SHAC versions prior to V1.10.0
SpaceLogic C-Bus Network Automation Controller - 5500NAC2 versions prior to V1.10.0
SpaceLogic C-Bus Application Controller - 5500AC2 versions prior to V1.10.0
Description
A weakness in password requirements exists, allowing an attacker to gain control of the device through brute force attacks on the password. This issue can be exploited remotely, giving the attacker full access to the device.
Recommendations
For C-Bus Network Automation Controller - LSS5500NAC versions prior to V1.10.0, update to version V1.10.0 or later.
For Wiser for C-Bus Automation Controller - LSS5500SHAC versions prior to V1.10.0, update to version V1.10.0 or later.
For Clipsal C-Bus Network Automation Controller - 5500NAC versions prior to V1.10.0, update to version V1.10.0 or later.
For Clipsal Wiser for C-Bus Automation Controller - 5500SHAC versions prior to V1.10.0, update to version V1.10.0 or later.
For SpaceLogic C-Bus Network Automation Controller - 5500NAC2 versions prior to V1.10.0, update to version V1.10.0 or later.
For SpaceLogic C-Bus Application Controller - 5500AC2 versions prior to V1.10.0, update to version V1.10.0 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Clipsal C-Bus Network Automation Controller
Clipsal Wiser For C-Bus Automation Controller
Spacelogic C-Bus Application Controller
Spacelogic C-Bus Network Automation Controller