VDB
ICSA-22-090-06
ICSA-22-090-06
PUBLISHED
CVSS 10 CRITICAL
Successful exploitation of these vulnerabilities could allow an attacker to control the configuration of the radio, join the network without proper authorization, or keep valid users from using the system correctly.
Risk Scores
CVSS 3.1
10
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| iNET/iNET II series radio: firmware versions prior to rev. 8.3.0 | ||
| TD220X series radio: firmware versions prior to rev. 2.0.16 | ||
| SD series radio: firmware versions prior to rev. 6.4.7 | ||
| TD220MAX series radio: firmware versions prior to rev. 1.2.6 |
Timeline
- Mar 31, 2022 CVE Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-090-06.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-22-090-06 advisory
- https://www.cisa.gov/uscert/ncas/tips/ST04-014 url
- https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://www.gegridsolutions.com/app/resources.aspx?prod=iNETII&type=21 fix
- https://www.gegridsolutions.com/app/resources.aspx?prod=SDseries&type=21 fix
- https://www.gegridsolutions.com/app/resources.aspx?prod=td-series&type=21 fix
- https://www.gegridsolutions.com/communications/wireless.htm fix