CVE-2022-3192 - Vulnerability Details

Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation.This issue affects AC500 V2: from 2.0.0 before 2.8.6.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Abb	Ac500 Cpu Firmware Pm5630-2eth Pm5650-2eth Pm5670-2eth Pm5675-2eth Pm571-eth-v14x Pm571-v14x Pm572 Pm573-eth Pm581-eth-v14x Pm581-v14x Pm582 Pm582-arcnet Pm582-eth Pm582-v14x Pm583-eth Pm585-eth Pm585-mc-kit Pm590-arcnet-v14x Pm590-eth Pm590-eth-v14x Pm590-mc-kit Pm590-v14x Pm591-2eth Pm591-arcnet-v14x Pm591-eth Pm591-eth-v14x Pm591-v14x Pm592-eth Pm595-4eth-f

Configuration 1 [-]

AND

cpe:2.3:o:abb:ac500_cpu_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:abb:pm5630-2eth:2.0:::::::*
	cpe:2.3:h:abb:pm5650-2eth:2.0:::::::*
	cpe:2.3:h:abb:pm5670-2eth:2.0:::::::*
	cpe:2.3:h:abb:pm5675-2eth:2.0:::::::*
	cpe:2.3:h:abb:pm571-eth-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm571-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm572:2.0:::::::*
	cpe:2.3:h:abb:pm573-eth:2.0:::::::*
	cpe:2.3:h:abb:pm581-eth-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm581-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm582:2.0:::::::*
	cpe:2.3:h:abb:pm582-arcnet:2.0:::::::*
	cpe:2.3:h:abb:pm582-eth:2.0:::::::*
	cpe:2.3:h:abb:pm582-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm583-eth:2.0:::::::*
	cpe:2.3:h:abb:pm585-eth:2.0:::::::*
	cpe:2.3:h:abb:pm585-mc-kit:2.0:::::::*
	cpe:2.3:h:abb:pm590-arcnet-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm590-eth:2.0:::::::*
	cpe:2.3:h:abb:pm590-eth-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm590-mc-kit:2.0:::::::*
	cpe:2.3:h:abb:pm590-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm591-2eth:2.0:::::::*
	cpe:2.3:h:abb:pm591-arcnet-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm591-eth:2.0:::::::*
	cpe:2.3:h:abb:pm591-eth-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm591-v14x:2.0:::::::*
	cpe:2.3:h:abb:pm592-eth:2.0:::::::*
	cpe:2.3:h:abb:pm595-4eth-f:2.0:::::::*

No data.

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=3ADR011162&LanguageCode=en&DocumentPartId=&Action=Launch

History

Tue, 11 Feb 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: ABB

Published: 2023-03-31T16:13:13.149Z

Updated: 2025-02-11T18:40:07.850Z

Reserved: 2022-09-13T05:57:45.421Z

Link: CVE-2022-3192

Vulnrichment

Updated: 2024-08-03T01:00:10.643Z

NVD

Status : Modified

Published: 2023-03-31T17:15:06.427

Modified: 2024-11-21T07:19:00.950

Link: CVE-2022-3192

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object