CVE-2022-2474
CVE-2022-2474
Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the “Ethernet Q Commands” service, which allows any user on the same network segment as the controller (even while connected remotely) to access the service and write unauthorized macros to the device.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Haas · Haas CNC ControllerQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →