How severe is CVE-2022-31807?

This vulnerability has a severity rating of HIGH with a CVSS score of 6.2 out of 10.

What type of vulnerability is CVE-2022-31807?

This is classified as CWE-347, which is a common weakness in software security.

CVE-2022-31807

HIGH Year: 2022

CVSS v3 Score

6.2

Medium

Weakness Type

CWE-347

View all →

Vulnerability Description

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass integrated ACC-AP (All versions). Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, a remote attacker who is able to intercept the transfer of a valid firmware from the server to the device could modify the firmware "on the fly".

CVE-2019-1736

MEDIUM

CVSS:6.2(Medium)

A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation che...

CWE-3472019

CVE-2021-43392

MEDIUM

CVSS:6.2(Medium)

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java...

CWE-3472021

CVE-2021-43393

MEDIUM

CVSS:6.2(Medium)

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 a...

CWE-3472021

CVE-2024-2307

MEDIUM

CVSS:6.1(Medium)

A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing unt...

CWE-3472024

CVE-2018-18203

MEDIUM

CVSS:6.4(Medium)

A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker (with physical access to the vehicle's USB ports) the ability to rewrite the firm...

CWE-3472018

CVE-2019-1809

MEDIUM

CVSS:6.4(Medium)

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software pa...

CWE-3472019

CVE-2022-31807

Vulnerability Description

Related Vulnerabilities

CVE-2019-1736

CVE-2021-43392

CVE-2021-43393

CVE-2024-2307

CVE-2018-18203

CVE-2019-1809