What is the severity of CVE-2022-31269?

CVE-2022-31269 has a high severity due to its potential for unauthorized access to building security controls.

How do I fix CVE-2022-31269?

To fix CVE-2022-31269, ensure that admin credentials are securely stored and not placed in accessible files like /test.txt.

Which devices are affected by CVE-2022-31269?

CVE-2022-31269 affects Nortek Linear eMerge E3-Series devices running firmware versions up to 0.32-09c.

What kind of attack can be performed using CVE-2022-31269?

An attacker can exploit CVE-2022-31269 to gain unauthorized access to building doors if they obtain admin credentials.

Are default credentials related to CVE-2022-31269?

Yes, CVE-2022-31269 is relevant in scenarios where the default credentials have been changed from those outlined in CVE-2019-7271.

Vulnerability/
CVE-2022-31269

high

8.2

CWE

798

25/8/2022

3/8/2024

CVE-2022-31269

First published: Thu Aug 25 2022(Updated: )

Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.)

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Nortekcontrol Emerge E3 Firmware	<=0.32-09c
Nortekcontrol Emerge E3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-31269?
CVE-2022-31269 has a high severity due to its potential for unauthorized access to building security controls.
How do I fix CVE-2022-31269?
To fix CVE-2022-31269, ensure that admin credentials are securely stored and not placed in accessible files like /test.txt.
Which devices are affected by CVE-2022-31269?
CVE-2022-31269 affects Nortek Linear eMerge E3-Series devices running firmware versions up to 0.32-09c.
What kind of attack can be performed using CVE-2022-31269?
An attacker can exploit CVE-2022-31269 to gain unauthorized access to building doors if they obtain admin credentials.
Are default credentials related to CVE-2022-31269?
Yes, CVE-2022-31269 is relevant in scenarios where the default credentials have been changed from those outlined in CVE-2019-7271.

collector/nvd-index
agent/type
agent/references
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/severity
agent/weakness
agent/description
agent/first-publish-date
agent/tags
agent/event
agent/source
vendor/nortekcontrol
canonical/nortekcontrol emerge e3 firmware
version/nortekcontrol emerge e3 firmware/0.32-09c
canonical/nortekcontrol emerge e3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2022-31269?
CVE-2022-31269 has a high severity due to its potential for unauthorized access to building security controls.
How do I fix CVE-2022-31269?
To fix CVE-2022-31269, ensure that admin credentials are securely stored and not placed in accessible files like /test.txt.
Which devices are affected by CVE-2022-31269?
CVE-2022-31269 affects Nortek Linear eMerge E3-Series devices running firmware versions up to 0.32-09c.
What kind of attack can be performed using CVE-2022-31269?
An attacker can exploit CVE-2022-31269 to gain unauthorized access to building doors if they obtain admin credentials.
Are default credentials related to CVE-2022-31269?
Yes, CVE-2022-31269 is relevant in scenarios where the default credentials have been changed from those outlined in CVE-2019-7271.