ID

VAR-202210-1398


CVE

CVE-2022-35887


TITLE

Abode Systems, Inc. Abode iota All-In-One Security Kit: format string vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2022-019823

DESCRIPTION

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. This entry (CVE-2022-35887) covers the format string injection via the `default_key_id` HTTP parameter, as used within the `/action/wirelessConnect` handler. A format string vulnerability exists in the firmware of the Abode Systems, Inc. Abode iota All-In-One Security Kit; information may be obtained, information may be tampered with, or service operation may be interrupted (DoS). Note that the description states an authenticated request is needed, while the CVSS vectors below disagree on this point: the Talos vector scores PR:N and the NVD vector PR:L. Abode Iota is a DIY home security system from Abode Systems, Inc.

Trust: 2.25

sources: NVD: CVE-2022-35887 // JVNDB: JVNDB-2022-019823 // CNNVD: CNNVD-202210-1478 // VULHUB: VHN-432129
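The CWE-134 pattern described above, as an added example that is not Abode firmware and not code from Talos or this database: a minimal model of a handler that reads `default_key_id` from a form-encoded body and passes it to a printf-family sink, shown in its vulnerable form beside a fixed form with an allowlist check in front of it. The body format, the buffer sizes, the one-digit validation rule and all function names are assumptions; the sample request bodies are constructed. Compiling with -Wformat-security makes the compiler flag the vulnerable sink.

```c
/* Added example (not Abode firmware): a minimal model of the CWE-134 pattern
 * behind a /action/wirelessConnect-style handler. Body format, buffer sizes
 * and the validation rule are assumptions made for the demonstration. */
#include <stdio.h>
#include <string.h>

#define LOG_BUF 128
static char log_line[LOG_BUF];   /* stands in for the device's log or response buffer */

/* Pull `key` out of a form-encoded body ("a=1&b=2"). Constructed helper: it does
 * no percent-decoding, so the constructed bodies below already carry the decoded
 * value an attacker would send as "%25x". Returns value length, or -1. */
static int get_param(const char *body, const char *key, char *out, size_t out_len)
{
    size_t klen = strlen(key);
    const char *p = body;
    while (p && *p) {
        if (strncmp(p, key, klen) == 0 && p[klen] == '=') {
            const char *v = p + klen + 1;
            const char *end = strchr(v, '&');
            size_t vlen = end ? (size_t)(end - v) : strlen(v);
            if (vlen >= out_len)
                return -1;                /* refuse rather than truncate */
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return (int)vlen;
        }
        p = strchr(p, '&');
        if (p)
            p++;
    }
    return -1;
}

/* VULNERABLE sink: the attacker's bytes become the format string, so "%x"
 * reads stack words (information disclosure), "%n" writes memory, and a long
 * run of "%s" dereferences junk pointers (crash / denial of service). */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
static const char *render_vulnerable(const char *default_key_id)
{
    snprintf(log_line, sizeof log_line, default_key_id);
    return log_line;
}
#pragma GCC diagnostic pop

/* FIXED sink: a literal format; the untrusted text is only ever an argument. */
static const char *render_fixed(const char *default_key_id)
{
    snprintf(log_line, sizeof log_line, "%s", default_key_id);
    return log_line;
}

/* Assumed allowlist for default_key_id: exactly one digit. Anything else,
 * including every '%', is rejected before a printf-family function sees it. */
static int valid_key_id(const char *s)
{
    return strlen(s) == 1 && s[0] >= '0' && s[0] <= '9';
}

/* Hardened handler: 0 = ok, -1 = parameter missing or too long, -2 = rejected. */
static int handle_wireless_connect(const char *body)
{
    char key_id[16];
    if (get_param(body, "default_key_id", key_id, sizeof key_id) < 0)
        return -1;
    if (!valid_key_id(key_id))
        return -2;
    render_fixed(key_id);
    return 0;
}

int main(void)
{
    /* "50%%" is the one probe that is well-defined in both paths: the vulnerable
     * sink interprets it (prints "50%"), the fixed sink does not ("50%%"). */
    printf("vulnerable: %s\n", render_vulnerable("50%%"));
    printf("fixed:      %s\n", render_fixed("50%%"));
    printf("handler rc: %d\n", handle_wireless_connect("ssid=home&default_key_id=%x%x%x%n"));
    return 0;
}
```

The `50%%` probe is used deliberately: it is the only directive whose interpretation by the vulnerable sink is well-defined without matching arguments, so it proves the sink treats the parameter as a format string without invoking undefined behaviour on the test machine. In a real assessment the same difference in output is what distinguishes a vulnerable build from a patched one.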

AFFECTED PRODUCTS

vendor: goabode  model: iota all-in-one security kit  scope: eq  version: 6.9z

Trust: 1.0

vendor: goabode  model: iota all-in-one security kit  scope: eq  version: 6.9x

Trust: 1.0

vendor: abode  model: iota all-in-one security kit  scope: eq  version: abode iota all-in-one security kit firmware 6.9z

Trust: 0.8

vendor: abode  model: iota all-in-one security kit  scope: eq  version: -

Trust: 0.8

vendor: abode  model: iota all-in-one security kit  scope: eq  version: abode iota all-in-one security kit firmware 6.9x

Trust: 0.8

vendor: abode  model: iota all-in-one security kit  scope: -  version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-019823 // NVD: CVE-2022-35887

CVSS

SEVERITY

CVSSV2

CVSSV3

talos-cna@cisco.com: CVE-2022-35887
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2022-35887
value: HIGH

Trust: 1.0

NVD: CVE-2022-35887
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202210-1478
value: HIGH

Trust: 0.6

talos-cna@cisco.com: CVE-2022-35887
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.0

Trust: 1.0

nvd@nist.gov: CVE-2022-35887
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-35887
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-019823 // CNNVD: CNNVD-202210-1478 // NVD: CVE-2022-35887

PROBLEMTYPE DATA

problemtype: CWE-134

Trust: 1.0

problemtype: Format string problem (CWE-134) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-019823 // NVD: CVE-2022-35887

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-1478

TYPE

format string error

Trust: 0.6

sources: CNNVD: CNNVD-202210-1478

EXTERNAL IDS

db: NVD  id: CVE-2022-35887

Trust: 3.3

db: TALOS  id: TALOS-2022-1585

Trust: 2.5

db: JVNDB  id: JVNDB-2022-019823

Trust: 0.8

db: CNNVD  id: CNNVD-202210-1478

Trust: 0.6

db: VULHUB  id: VHN-432129

Trust: 0.1

sources: VULHUB: VHN-432129 // JVNDB: JVNDB-2022-019823 // CNNVD: CNNVD-202210-1478 // NVD: CVE-2022-35887

REFERENCES

url: https://talosintelligence.com/vulnerability_reports/talos-2022-1585

Trust: 3.1

url: https://nvd.nist.gov/vuln/detail/cve-2022-35887

Trust: 0.8

url: https://cxsecurity.com/cveshow/cve-2022-35887/

Trust: 0.6

sources: VULHUB: VHN-432129 // JVNDB: JVNDB-2022-019823 // CNNVD: CNNVD-202210-1478 // NVD: CVE-2022-35887

CREDITS

Discovered by Matt Wiseman of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-202210-1478

SOURCES

db: VULHUB  id: VHN-432129
db: JVNDB  id: JVNDB-2022-019823
db: CNNVD  id: CNNVD-202210-1478
db: NVD  id: CVE-2022-35887

LAST UPDATE DATE

2024-08-14T14:24:28.960000+00:00


SOURCES UPDATE DATE

db: VULHUB  id: VHN-432129  date: 2022-10-27T00:00:00
db: JVNDB  id: JVNDB-2022-019823  date: 2023-10-27T08:13:00
db: CNNVD  id: CNNVD-202210-1478  date: 2022-10-31T00:00:00
db: NVD  id: CVE-2022-35887  date: 2022-10-27T15:16:55.107

SOURCES RELEASE DATE

db: VULHUB  id: VHN-432129  date: 2022-10-25T00:00:00
db: JVNDB  id: JVNDB-2022-019823  date: 2023-10-27T00:00:00
db: CNNVD  id: CNNVD-202210-1478  date: 2022-10-20T00:00:00
db: NVD  id: CVE-2022-35887  date: 2022-10-25T17:15:55.150