CVE-2022-44456

Summary

CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a remote unauthenticated attacker to execute an arbitrary OS command on the server where the product is running by sending a specially crafted request.

Affected Software

VendorProductVersion RangeStatus
Contec Co., Ltd.CONPROSYS HMI System (CHS)Ver.3.4.4?and earlieraffected

Weaknesses

  • OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References