How severe is CVE-2022-30243?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2022-30243?

This is classified as CWE-829, which is a common weakness in software security.

CVE-2022-30243 - HIGH Severity | CVSS 8.8

Vulnerability Description

Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. This enables code to be stored on the controller and then run without verification. A user with malicious intent can send a crafted packet to change and/or stop the program without the knowledge of other users, altering the controller's function. After the programming change, the program needs to be overwritten in order for the controller to restore its original operational function.

Related Vulnerabilities

CVE-2018-18387

HIGH

CVSS:8.8(High)

playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse.

CWE-8292018

CVE-2019-8154

HIGH

CVSS:8.8(High)

A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with privileges to modify product catalogs can trigger PHP fi...

CWE-8292019

CVE-2019-9829

HIGH

CVSS:8.8(High)

Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/default_pc/html/art Edit action. This occurs because template rendering uses an include operation on...

CWE-8292019

CVE-2021-30507

HIGH

CVSS:8.8(High)

Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTM...

CWE-8292021

CVE-2022-22246

HIGH

CVSS:8.8(High)

A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. By chaining this ...

CWE-8292022

CVE-2022-34468

HIGH

CVSS:8.8(High)

An iframe that was not permitted to run scripts could do so if the user clicked on a <code>javascript:</code> link. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, an...

CWE-8292022