Details of VAR-202204-1008

ID

VAR-202204-1008

CVE

CVE-2022-28743

TITLE

Foscam of r2c application firmware and r2c system in the firmware Time-of-check Time-of-use (TOCTOU) Race condition vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-008628

DESCRIPTION

Time-of-check Time-of-use (TOCTOU) Race Condition vulerability in Foscam R2C IP camera running System FW <= 1.13.1.6, and Application FW <= 2.91.2.66, allows an authenticated remote attacker with administrator permissions to execute arbitrary remote code via a malicious firmware patch. The impact of this vulnerability is that the remote attacker could gain full remote access to the IP camera and the underlying Linux system with root permissions. With root access to the camera's Linux OS, an attacker could effectively change the code that is running, add backdoor access, or invade the privacy of the user by accessing the live camera stream. Foscam of r2c application firmware and r2c system The firmware has Time-of-check Time-of-use (TOCTOU) There is a race condition vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Foscam R2C IP is a webcam from the Chinese company Foscam

Trust: 2.25

sources: NVD: CVE-2022-28743 // JVNDB: JVNDB-2022-008628 // CNVD: CNVD-2022-55218 // VULMON: CVE-2022-28743

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-55218

AFFECTED PRODUCTS

vendor:	foscam	model:	r2c system	scope:	lte	version:	1.13.1.6	Trust: 1.0
vendor:	foscam	model:	r2c application	scope:	lte	version:	2.91.2.66	Trust: 1.0
vendor:	foscam	model:	r2c application	scope:	-	version:	-	Trust: 0.8
vendor:	foscam	model:	r2c system	scope:	-	version:	-	Trust: 0.8
vendor:	foscam	model:	r2c ip	scope:	lte	version:	<=2.91.2.66	Trust: 0.6
vendor:	foscam	model:	r2c ip	scope:	lte	version:	<=1.13.1.6	Trust: 0.6

sources: CNVD: CNVD-2022-55218 // JVNDB: JVNDB-2022-008628 // NVD: CVE-2022-28743

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-28743
value:	MEDIUM
Trust: 1.0
cve@mitre.org:	CVE-2022-28743
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2022-28743
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2022-55218
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202204-3947
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2022-28743
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2022-28743
severity:	HIGH
baseScore:	8.5
vectorString:	AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.8
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2022-55218
severity:	HIGH
baseScore:	8.5
vectorString:	AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.8
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2022-28743
baseSeverity:	MEDIUM
baseScore:	6.6
vectorString:	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.7
impactScore:	5.9
version:	3.1
Trust: 1.0
cve@mitre.org:	CVE-2022-28743
baseSeverity:	CRITICAL
baseScore:	9.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.3
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	CVE-2022-28743
baseSeverity:	MEDIUM
baseScore:	6.6
vectorString:	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-55218 // VULMON: CVE-2022-28743 // JVNDB: JVNDB-2022-008628 // CNNVD: CNNVD-202204-3947 // NVD: CVE-2022-28743 // NVD: CVE-2022-28743

PROBLEMTYPE DATA

problemtype:	CWE-367	Trust: 1.0
problemtype:	Time-of-check Time-of-use (TOCTOU) Race condition (CWE-367) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-008628 // NVD: CVE-2022-28743

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202204-3947

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202204-3947

EXTERNAL IDS

db:	NVD	id:	CVE-2022-28743	Trust: 3.9
db:	JVNDB	id:	JVNDB-2022-008628	Trust: 0.8
db:	CNVD	id:	CNVD-2022-55218	Trust: 0.6
db:	CS-HELP	id:	SB2022042607	Trust: 0.6
db:	CNNVD	id:	CNNVD-202204-3947	Trust: 0.6
db:	VULMON	id:	CVE-2022-28743	Trust: 0.1

sources: CNVD: CNVD-2022-55218 // VULMON: CVE-2022-28743 // JVNDB: JVNDB-2022-008628 // CNNVD: CNNVD-202204-3947 // NVD: CVE-2022-28743

REFERENCES

url:	https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/keeping-a-critical-eye-on-iot-devices.html	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-28743	Trust: 1.4
url:	https://www.cybersecurity-help.cz/vdb/sb2022042607	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-28743/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/367.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2022-55218 // VULMON: CVE-2022-28743 // JVNDB: JVNDB-2022-008628 // CNNVD: CNNVD-202204-3947 // NVD: CVE-2022-28743

SOURCES

db:	CNVD	id:	CNVD-2022-55218
db:	VULMON	id:	CVE-2022-28743
db:	JVNDB	id:	JVNDB-2022-008628
db:	CNNVD	id:	CNNVD-202204-3947
db:	NVD	id:	CVE-2022-28743

LAST UPDATE DATE

2024-11-23T23:03:53.284000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-55218	date:	2022-08-04T00:00:00
db:	VULMON	id:	CVE-2022-28743	date:	2022-05-04T00:00:00
db:	JVNDB	id:	JVNDB-2022-008628	date:	2023-07-28T08:04:00
db:	CNNVD	id:	CNNVD-202204-3947	date:	2022-05-05T00:00:00
db:	NVD	id:	CVE-2022-28743	date:	2024-11-21T06:57:51.140

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-55218	date:	2022-05-12T00:00:00
db:	VULMON	id:	CVE-2022-28743	date:	2022-04-21T00:00:00
db:	JVNDB	id:	JVNDB-2022-008628	date:	2023-07-28T00:00:00
db:	CNNVD	id:	CNNVD-202204-3947	date:	2022-04-21T00:00:00
db:	NVD	id:	CVE-2022-28743	date:	2022-04-21T19:15:09