VDB
CVE-2022-38177
CVE-2022-38177
PUBLISHED
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
EPSS 1.16% · 79.0th percentile
Risk Scores
EPSS Score
1.16%
79.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB M2M Gateway ARM600, firmware versions >=4.1.2|<=5.0.3 | |
| ABB | ABB M2M Gateway SW, software versions >=5.0.1|<=5.0.3 |
Exploit Intelligence
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- CVE-2022-32250.yara (github-yara)
- risk_calculator.cpp (github-poc)
- risk_calculator.cpp (github-poc)
- risk_calculator.cpp (github-poc)
- risk_calculator.cpp (github-poc)
…and 14 more exploits
Timeline
- Sep 20, 2022 CVE Published
- Sep 22, 2022 EPSS Score
- Sep 25, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Dec 20, 2022 EPSS Score
- Dec 29, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 20, 2023 EPSS Score
- May 3, 2023 EPSS Score
- Jun 17, 2023 EPSS Score
- Sep 15, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
References
- https://psirt.abb.com/csaf/2025/2nga002579.json advisory
- https://library.e.abb.com/public/ffab1a14a42646c6adee38fc3de61dad/Arctic_csdepl_758860_ENf.pdf advisory
- https://library.e.abb.com/public/0498e4c0babd46aa9243aedd6f99c375/ARM600_user_758861_ENk.pdf advisory
- https://new.abb.com/service/electrification/life-cycle-management?pe_data=D42415F457244415145784545584371%7C29609824 advisory
- https://search.abb.com/library/Download.aspx?DocumentID=2NGA002579&LanguageCode=en&DocumentPartId=pdf&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=1MRS758860&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-38177 advisory