How severe is CVE-2022-1525?

CVE-2022-1525 has a CVSS v3 score of 9.1 (CRITICAL).

CVE-2022-1525

Name: 3d-a1000_dimensioning_system
Author: cognex

9.1CRITICAL

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-602: Client-Side Enforcement of Server-Side Security, which could allow attackers to bypass web

Published: 9/6/2022Updated: 11/21/2024

Description

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-602: Client-Side Enforcement of Server-Side Security, which could allow attackers to bypass web access controls by inspecting and modifying the source code of password protected web elements.

AI AnalysisPowered by AI

Affected Products

cognex3d-a1000_dimensioning_system_firmware

cognex3d-a1000_dimensioning_system

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-249-03
Third Party AdvisoryUS Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-249-03
Third Party AdvisoryUS Government Resource