MidnightBSD

Advisories for iclinks

CVE-2022-25359 MEDIUM

On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,

Products Affected

Vendor Product Version
iclinks weblib 1.22
iclinks scadaflex_ii_firmware 1.02.15
iclinks scadaflex_ii_firmware 1.02.20
iclinks scadaflex_ii_firmware 1.01.14
iclinks weblib 1.13
iclinks scadaflex_ii_firmware 1.03.07
iclinks weblib 1.14
iclinks weblib 1.16
iclinks scadaflex_ii_firmware 1.02.01
iclinks scadaflex_ii_firmware 1.01.01
iclinks weblib 1.24