CVE-2022-4304

Vulnerability updated 4 months ago (2024-05-04T17:30:58.314Z)

Download STIX

Preview STIX

CVE-2022-4304 is a vulnerability that was identified in several software packages and units, notably the OPC UA Server Unit (all versions), MX OPC Server UA (versions 3.05F and later), and FX5-OPC (versions 1.006 and prior). This flaw, which lies in the design or implementation of these software systems, exposes them to potential security risks. The MX OPC Server UA software is packaged with MC Works64, and the affected versions are those that come with MC Works64 Version 4.03D and later. The vulnerability also extends to the FX5-OPC software, specifically versions 1.006 and earlier. In addition to CVE-2022-4304, these versions of FX5-OPC are also subject to another vulnerability, CVE-2022-4450. The presence of these vulnerabilities suggests that the software could be exploited, potentially leading to unauthorized access or control, data breaches, or other security incidents. In summary, the discovery of CVE-2022-4304 has significant implications for users of the affected software packages and units. All versions of the OPC UA Server Unit, certain versions of MX OPC Server UA (packaged with MC Works64), and earlier versions of FX5-OPC are all at risk. Users of these software packages should take immediate action to mitigate the potential threats associated with this vulnerability, such as updating to a secure version of the software if available, applying patches, or implementing other recommended security measures.

Description last updated: 2024-04-12T14:16:54.092Z

What's your take? (Question 1 of 0)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Vulnerability

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the CVE-2022-4304 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CISA	a month ago	Hitachi Energy AFS/AFR Series Products \| CISA
CISA	3 months ago	Siemens SIMATIC and SIPLUS \| CISA
CISA	5 months ago	Siemens Telecontrol Server Basic \| CISA
CERT-EU	8 months ago	Mitsubishi Electric Factory Automation Products \| CISA
CERT-EU	8 months ago	Mitsubishi Electric Factory Automation Products
CERT-EU	10 months ago	Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps
CERT-EU	a year ago	Multiple vulnerabilities in IBM Observability with Instana (Self-hosted on Docker)
CERT-EU	a year ago	Marvin Attack: 25-year-old RSA Decryption Vulnerability Disclosed
CISA	a year ago	Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch \| CISA
CERT-EU	a year ago	Multiple vulnerabilities in IBM Spectrum Conductor
CERT-EU	a year ago	Multiple vulnerabilities in IBM Rational ClearQuest
CERT-EU	a year ago	New Marvin attack revives 25-year-old decryption flaw in RSA
CISA	a year ago	Hitachi Energy Lumada APM Edge \| CISA
CERT-EU	a year ago	RedHat: RHSA-2023-5103:01 Moderate: OpenShift Virtualization 4.11.6...
CERT-EU	a year ago	With UEFI, TPM, Pluton Etc. Microsoft and Intel/AMD Trashed an Entire Generation of Computers, Made Security a Lot Worse in Order to Curtail GNU/Linux and BSD Adoption
CERT-EU	a year ago	Multiple vulnerabilities in Dell Cloud Tiering Appliance
CERT-EU	a year ago	Dell PowerEdge T40 Mini Tower Server update for OpenSSL
CERT-EU	a year ago	Multiple vulnerabilities in Dell Precision Rack
CISA	a year ago	ICONICS and Mitsubishi Electric Products \| CISA
CERT-EU	a year ago	Multiple vulnerabilities in Dell ECS