The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE.
References
Link | Resource |
---|---|
http://ip-label.com | Vendor Advisory |
http://newtest.com | Broken Link |
https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf | Broken Link |
Configurations
History
06 Feb 2023, 21:01
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
Ip-label
Ip-label newtest |
|
CWE | CWE-347 | |
CPE | cpe:2.3:a:ip-label:newtest:*:*:*:*:*:*:*:* | |
References | (MISC) https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf - Broken Link | |
References | (MISC) http://newtest.com - Broken Link | |
References | (MISC) http://ip-label.com - Vendor Advisory |
30 Jan 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-30 16:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-23334
Mitre link : CVE-2022-23334
CVE.ORG link : CVE-2022-23334
JSON object : View
Products Affected
ip-label
- newtest
CWE
CWE-347
Improper Verification of Cryptographic Signature