CVE-2022-50975
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Innomic | VibroLine VLX1 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| Innomic | VibroLine VLX1 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLX2 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| Innomic | VibroLine VLX2 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLX4 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| Innomic | VibroLine VLX4 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLX6 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| Innomic | VibroLine VLX6 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLX8 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| Innomic | VibroLine VLX8 HD 5.0 | 2.1.1866 | unaffected |
| avibia | AvibiaLine AVLX1 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| avibia | AvibiaLine AVLX1 HD 5.0 | 2.1.1866 | unaffected |
| avibia | AvibiaLine AVLX2 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| avibia | AvibiaLine AVLX2 HD 5.0 | 2.1.1866 | unaffected |
| avibia | AvibiaLine AVLX4 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| avibia | AvibiaLine AVLX4 HD 5.0 | 2.1.1866 | unaffected |
| avibia | AvibiaLine AVLX6 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| avibia | AvibiaLine AVLX6 HD 5.0 | 2.1.1866 | unaffected |
| avibia | AvibiaLine AVLX8 HD 5.0 | 2.1.1340 <= 2.1.1387 | affected |
| avibia | AvibiaLine AVLX8 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLE1 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | VibroLine VLE2 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | VibroLine VLE4 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | VibroLine VLE6 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | VibroLine VLE8 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | AvibiaLine AVLE1 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | AvibiaLine AVLE2 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | AvibiaLine AVLE4 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | AvibiaLine AVLE6 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | AvibiaLine AVLE8 HD 5.0 | 2.1.1340 <= 2.1.1387 | unaffected |
| Innomic | VibroLine VLE1 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLE2 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLE4 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLE6 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLE8 HD 5.0 | 2.1.1866 | unaffected |
| Innomic | VibroLine VLE1 HD 4.0 | 1.4.1074 <= 1.4.1116 | unaffected |
| Innomic | VibroLine VLE2 HD 4.0 | 1.4.1074 <= 1.4.1116 | unaffected |
| Innomic | VibroLine VLE4 HD 4.0 | 1.4.1074 <= 1.4.1116 | unaffected |
| Innomic | VibroLine VLE6 HD 4.0 | 1.4.1074 <= 1.4.1116 | unaffected |
| Innomic | VibroLine VLE8 HD 4.0 | 1.4.1074 <= 1.4.1116 | unaffected |
| Innomic | VibroLine VLX1 HD 4.0 | 1.5.1074 <= 1.5.1116 | unaffected |
| Innomic | VibroLine VLX2 HD 4.0 | 1.5.1074 <= 1.5.1116 | unaffected |
| Innomic | VibroLine VLX4 HD 4.0 | 1.5.1074 <= 1.5.1116 | unaffected |
| Innomic | VibroLine VLX6 HD 4.0 | 1.5.1074 <= 1.5.1116 | unaffected |
| Innomic | VibroLine VLX8 HD 4.0 | 1.5.1074 <= 1.5.1116 | unaffected |
Weaknesses
- CWE-346: CWE-346 Origin Validation Error
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html
- https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.