{"uuid": "d25f7cc5-4079-4bb6-a403-c4d006450f95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45789", "type": "seen", "source": "https://t.me/cibsecurity/57218", "content": "\u203c CVE-2022-45789 \u203c\n\nA CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure\u00e2\u201e\u00a2 Control Expert (All Versions), EcoStruxure\u00e2\u201e\u00a2 Process Expert (Version V2020 & prior), Modicon M340 CPU (part numbers BMXP34*) (All Versions), Modicon M580 CPU (part numbers BMEP* and BMEH*) (All Versions), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-31T12:38:08.000000Z"}