March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
February 25, 2022
Rewterz Threat Alert – Donot APT Group – Active IOCs
February 25, 2022
Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
February 25, 2022
Rewterz Threat Alert – Donot APT Group – Active IOCs
February 25, 2022
Severity
High
Analysis Summary
CVE-2022-22722
If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to this product, they could observe and manipulate traffic associated with product configuration. This could result in information disclosure.
CVE-2022-22723; CVE-2022-22725
A buffer copy without checking size of input vulnerability exists in Easergy P5 devices that could lead to a buffer overflow, causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping functions via GOOSE can be impacted.
Impact
- Information Disclosure
- Code Execution
- Software Crash
Indicators of Compromise
CVEs
- CVE-2022-22722
- CVE-2022-22723
- CVE-2022-22725
Affected Vendors
Schneider Electric
Affected Products
- Easergy P5: All firmware versions prior to v01.401.101
- Easergy P3: All versions prior to v30.205
Remediation
Refer to CISA Advisory for the patch, upgrade, or suggested workaround information.