CVE-2022-4304

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-4304 is a vulnerability that was identified in several software packages and units, notably the OPC UA Server Unit (all versions), MX OPC Server UA (versions 3.05F and later), and FX5-OPC (versions 1.006 and prior). This flaw, which lies in the design or implementation of these software systems, exposes them to potential security risks. The MX OPC Server UA software is packaged with MC Works64, and the affected versions are those that come with MC Works64 Version 4.03D and later. The vulnerability also extends to the FX5-OPC software, specifically versions 1.006 and earlier. In addition to CVE-2022-4304, these versions of FX5-OPC are also subject to another vulnerability, CVE-2022-4450. The presence of these vulnerabilities suggests that the software could be exploited, potentially leading to unauthorized access or control, data breaches, or other security incidents. In summary, the discovery of CVE-2022-4304 has significant implications for users of the affected software packages and units. All versions of the OPC UA Server Unit, certain versions of MX OPC Server UA (packaged with MC Works64), and earlier versions of FX5-OPC are all at risk. Users of these software packages should take immediate action to mitigate the potential threats associated with this vulnerability, such as updating to a secure version of the software if available, applying patches, or implementing other recommended security measures.
What's your take? (Question 1 of 3)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Rsa
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
ZLibUnspecified
1
Zlib is a known malware, a harmful program designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can cause significant damage, including stealing personal information, disrupting opera
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
CVE-2022-4450Unspecified
1
None
Source Document References
Information about the CVE-2022-4304 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CISA
4 days ago
Siemens SIMATIC and SIPLUS | CISA
CERT-EU
a year ago
RedHat: RHSA-2023-4421:01 Important: OpenShift Virtualization 4.12....
CERT-EU
10 months ago
Multiple vulnerabilities in Dell Cloud Tiering Appliance
CISA
2 months ago
Siemens Telecontrol Server Basic | CISA
CERT-EU
a year ago
Information exposure through an error message in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data
CERT-EU
9 months ago
RedHat: RHSA-2023-5103:01 Moderate: OpenShift Virtualization 4.11.6...
CISA
8 months ago
Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch | CISA
CERT-EU
8 months ago
Multiple vulnerabilities in IBM Spectrum Conductor
CERT-EU
10 months ago
Multiple vulnerabilities in Dell ECS
CERT-EU
a year ago
Multiple vulnerabilities in API Gateway and API Manager
CISA
a year ago
Siemens SIMATIC S7-1500 TM MFP Linux Kernel | CISA
CERT-EU
9 months ago
New Marvin attack revives 25-year-old decryption flaw in RSA
CERT-EU
8 months ago
Marvin Attack: 25-year-old RSA Decryption Vulnerability Disclosed
CERT-EU
a year ago
Multiple vulnerabilities in Dell PowerProtect Cyber Recovery
CERT-EU
a year ago
Multiple vulnerabilities in IBM Cloud Transformation Advisor
CERT-EU
a year ago
Multiple vulnerabilities in IBM Decision Optimization for IBM Cloud Pak for Data
CERT-EU
a year ago
​Siemens SIMATIC MV500 Devices | CISA
Naked Security
a year ago
Serious Security: GnuTLS follows OpenSSL, fixes timing attack bug
CERT-EU
a year ago
SUSE: 2023:324-1 suse/rmt-server Security Update | LinuxSecurity.com
CERT-EU
a year ago
Multiple vulnerabilities in IBM Business Automation Workflow Configuration Editor