What is CVE-2022-2642?

CVE-2022-2642 is a high-severity vulnerability in Horner Automation Remote Compact Controller (Rcc) 972, classified under CWE-1108. CVSS score: 7.5/10. Published 2022-12-12.

How severe is CVE-2022-2642?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Horner Automation Remote Compact Controller (Rcc) 972

CVE-2022-2642

Horner Automation’s RCC 972 firmware version 15.40 contains global variables. This could allow an attacker to read out sensitive values and variable keys from the device.

EPSS: 0.002 (42.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Horner Automation Remote Compact Controller (Rcc) 972 — versions Firmware Version 15.40

Weakness classification (CWE)

CWE-1108

References

www.cisa.gov/uscert/ics/advisories/icsa-22-335-02

Frequently asked questions

What is CVE-2022-2642?: CVE-2022-2642 is a high-severity vulnerability in Horner Automation Remote Compact Controller (Rcc) 972, classified under CWE-1108. CVSS score: 7.5/10. Published 2022-12-12.
How severe is CVE-2022-2642?: High severity. CVSS v3 base score is 7.5 out of 10.