How severe is CVE-2022-29948?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2022-29948?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2022-29948

MEDIUM Year: 2022

CVSS v3 Score

4.6

Medium

CVSS v2 Score

2.1

Low

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001_V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode (6 to 14 digits) via the keypad and pressing the Unlock button. This authentication is performed by an unknown microcontroller. By replacing this microcontroller on a target device with one from an attacker-controlled Lepin EP-KP001 whose passcode is known, it is possible to successfully unlock the target device and read the stored data in cleartext.

CVE-2015-7566

MEDIUM

CVSS:4.6(Medium)

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash...

NVD-CWE-Other2015

CVE-2015-8324

MEDIUM

CVSS:4.6(Medium)

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of servic...

NVD-CWE-Other2015

CVE-2016-1851

MEDIUM

CVSS:4.6(Medium)

The Screen Lock feature in Apple OS X before 10.11.5 mishandles password profiles, which allows physically proximate attackers to reset expired passwords in the lock-screen state via unspecified vecto...

NVD-CWE-Other2016

CVE-2016-2184

MEDIUM

CVSS:4.6(Medium)

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL point...

NVD-CWE-Other2016

CVE-2016-2185

MEDIUM

CVSS:4.6(Medium)

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and sys...

NVD-CWE-Other2016

CVE-2016-2186

MEDIUM

CVSS:4.6(Medium)

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system ...

NVD-CWE-Other2016

CVE-2022-29948

Vulnerability Description

Related Vulnerabilities

CVE-2015-7566

CVE-2015-8324

CVE-2016-1851

CVE-2016-2184

CVE-2016-2185

CVE-2016-2186