Rewterz Threat Advisory – ICS: Omron CX-Position Vulnerability
March 31, 2022Rewterz Threat Alert – SaintBot Malware – Active IOCs
March 31, 2022Rewterz Threat Advisory – ICS: Omron CX-Position Vulnerability
March 31, 2022Rewterz Threat Alert – SaintBot Malware – Active IOCs
March 31, 2022Severity
Medium
Analysis Summary
CVE-2022-0922
The software does not perform any authentication for critical system functionality. Philips e-Alert is vulnerable to a denial of service, caused by lack of authentication for critical system functionality. A remote attacker could exploit this vulnerability to remotely shut down the system.
Impact
- Denial of Service
- Remote Code Execution
Affected Vendors
- Philips
Affected Products
- e-Alert Version 2.7 and prior
Remediation
Refer to the vendor website for the mitigations and patch updates here