How severe is CVE-2022-2003?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2022-2003?

This is classified as CWE-319, which is a common weakness in software security.

CVE-2022-2003 - CRITICAL Severity | CVSS 9.1

Vulnerability Description

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;

Related Vulnerabilities

CVE-2018-6017

CRITICAL

CVSS:9.1(Critical)

Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing network traffic.

CWE-3192018

CVE-2018-6018

CRITICAL

CVSS:9.1(Critical)

Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network traffic.

CWE-3192018

CVE-2019-17218

CRITICAL

CVSS:9.1(Critical)

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. By default, the communication to the web service is unencrypted via http. An attacker is able to inte...

CWE-3192019

CVE-2020-5885

CRITICAL

CVSS:9.1(Critical)

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic obj...

CWE-3192020

CVE-2020-5886

CRITICAL

CVSS:9.1(Critical)

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic obj...

CWE-3192020

CVE-2021-22380

CRITICAL

CVSS:9.1(Critical)

There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality and availability.

CWE-3192021