How severe is CVE-2022-30244?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2022-30244?

This is classified as CWE-829, which is a common weakness in software security.

CVE-2022-30244 - HIGH Severity | CVSS 8

Vulnerability Description

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be store on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller's function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function.

Related Vulnerabilities

CVE-2021-41037

HIGH

CVSS:8.0(High)

In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-li...

CWE-8292021

CVE-2024-43690

HIGH

CVSS:8.0(High)

Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server and Workstations may allow an attacker to perform Remote Code Execution (RCE). This issue affects: Comman...

CWE-8292024

CVE-2017-6381

HIGH

CVSS:8.1(High)

A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, an...

CWE-8292017

CVE-2019-10666

HIGH

CVSS:8.1(High)

An issue was discovered in LibreNMS through 1.47. Several of the scripts perform dynamic script inclusion via the include() function on user supplied input without sanitizing the values by calling bas...

CWE-8292019

CVE-2019-11770

HIGH

CVSS:8.1(High)

In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is resolving dependencies over HTTP instead of HTTPS. Any of these artifacts could have been MITM to maliciousl...

CWE-8292019

CVE-2020-24985

HIGH

CVSS:8.1(High)

An issue was discovered in Quadbase EspressReports ES 7 Update 9. An authenticated user is able to navigate to the MenuPage section of the application, and change the frmsrc parameter value to retriev...

CWE-8292020