CVE-2022-38773

MEDIUM Year: 2022
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-1326
View all →

Vulnerability Description

Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.

Related Vulnerabilities

CVE-2024-32742

HIGH
CVSS:7.6(High)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misus...

CWE-13262024

CVE-2024-8357

HIGH
CVSS:7.8(High)

Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installa...

CWE-13262024

CVE-2025-2762

HIGH
CVSS:7.8(High)

CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCP...

CWE-13262025

CVE-2024-8357

HIGH
CVSS:7.8(High)

Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installa...

CWE-13262024

CVE-2025-2762

HIGH
CVSS:7.8(High)

CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCP...

CWE-13262025

CVE-2024-32742

HIGH
CVSS:7.6(High)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misus...

CWE-13262024