CVE-2022-1070

Summary

Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials.

Affected Software

VendorProductVersion RangeStatus
AethonTUG Home Base ServerAll versions < 24affected

Weaknesses

  • An unauthenticated attacker can connect to the TUG Home Base Server websocket to take control of TUG robots.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References