First published: Thu Apr 14 2022(Updated: )
Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Redlion Da50n Firmware | ||
Redlion Da50n | ||
Red Lion DA50N |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-26516 is a vulnerability that allows authorized users to install a maliciously modified package file when updating the device via the web user interface.
CVE-2022-26516 affects Redlion Da50n Firmware by allowing authorized users to inadvertently install a package file obtained from an unauthorized source or a compromised file.
The severity of CVE-2022-26516 is high, with a CVSS score of 7.8.
To fix CVE-2022-26516, it is recommended to apply the latest firmware update provided by Redlion and avoid using package files obtained from unauthorized sources.
Yes, you can find more information about CVE-2022-26516 at the following reference: https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03