CVE-2022-22805 An attack could occur when an improperly handled TLS packet is reassembled and executed.

When a firmware is installed on a SmartConnect Family UPS, it checks the size of the received data. If the received data is larger than the buffer size, the received data will be reassembled and the size will be checked again. An attacker could send a carefully-crafted packet that would cause the data to be reassembled, then cause the data to be reassembled on the second pass, resulting in remote code execution. SmartConnect UPS firmware versions prior to 01.19 have been Vulnerable. Remote Code Execution vulnerability CVE-2019-11478 has been assigned to this vulnerability. More details about this vulnerability can be found at: https://www.cvedetails.com/vulnerability-details/XSA-19-03. More information about this vulnerability can be found in advisory XSA-19 at: https://www.cvedetails.com/advisories/XSA-19. ******************

Solution and Workaround

A new firmware version has been released to address the vulnerability. The company is also releasing a new web service to allow customers to check their firmware versions and identify if they are at risk.
If you use SmartConnect Family UPS that supports Smart Connect, your product is not vulnerable to this issue.

Vulnerability Synopsis

Vulnerable firmware versions

SmartConnect UPC firmware versions prior to 01.19 have been Vulnerable. Remote Code Execution vulnerability CVE-2019-11478 has been assigned to this vulnerability. More details about this vulnerability can be found at: https://www.cvedetails.com/vulnerability-details/XSA-19-03. More information about this vulnerability can be found in advisory XSA-19 at: https://www.cvedetails.com/advisories/XSA-19. ******************

Timeline

Published on: 03/09/2022 20:15:00 UTC
Last modified on: 05/12/2022 20:42:00 UTC

Solution and Workaround

Vulnerability Synopsis

Vulnerable firmware versions

Timeline

References