CVE-2022-2103

CRITICAL

FTP - Info Disclosure

Title source: llm

Description

An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories.

References (1)

[Mitigation, Third Party Advisory, US Government Resource] https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-03

Scores

CVSS v3 9.8

EPSS 0.0024

EPSS Percentile 46.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-284 CWE-522

Status published

Affected Products (1)

secheron/sepcos_control_and_protection_relay_firmware < 1.23.21

Timeline

Published Jun 24, 2022

Tracked Since Feb 18, 2026