How severe is CVE-2022-27577?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2022-27577?

This is classified as CWE-342, which is a common weakness in software security.

CVE-2022-27577 - CRITICAL Severity | CVSS 9.1

Vulnerability Description

The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version.

Related Vulnerabilities

CVE-2023-3373

CRITICAL

CVSS:9.1(Critical)

Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT21 model versions 01.49.000 and prior and GOT SIMPLE Series GS21 model versions 01.49.000...

CWE-3422023

CVE-2020-16226

CRITICAL

CVSS:9.8(Critical)

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.

CWE-3422020

CVE-2020-16226

CRITICAL

CVSS:9.8(Critical)

Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.

CWE-3422020

CVE-2023-3373

CRITICAL

CVSS:9.1(Critical)

CWE-3422023

CVE-2020-28388

MEDIUM

CVSS:5.3(Medium)

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5....

CWE-3422020

CVE-2022-29930

MEDIUM

CVSS:4.9(Medium)

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1.

CWE-3422022