CVE-2022-48198

CRITICAL Year: 2022
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-668
View all →

Vulnerability Description

The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled time_ref_topic parameter.

Related Vulnerabilities

CVE-2008-7291

CRITICAL
CVSS:9.8(Critical)

gri before 2.12.18 generates temporary files in an insecure way.

CWE-6682008

CVE-2017-18129

CRITICAL
CVSS:9.8(Critical)

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelera...

CWE-6682017

CVE-2018-18068

CRITICAL
CVSS:9.8(Critical)

The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 (the highest privilege level in ARMv8) memory/register ...

CWE-6682018

CVE-2018-7072

CRITICAL
CVSS:9.8(Critical)

A remote bypass of security restrictions vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24.

CWE-6682018

CVE-2018-7846

CRITICAL
CVSS:9.8(Critical)

A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauth...

CWE-6682018

CVE-2019-10781

CRITICAL
CVSS:9.8(Critical)

In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and the `validate()` function used within schema-inspector.

CWE-6682019