CVE-2022-3083

LOW

Landis+Gyr E850 (ZMQ200) - Info Disclosure

Title source: llm

Description

All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. The web application could become inaccessible for the user if an attacker changes the cookie values.

References (1)

[Third Party Advisory, US Government Resource] https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-07

Scores

CVSS v3 3.9

EPSS 0.0017

EPSS Percentile 38.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-565 CWE-784

Status published

Products (1)

landisgyr/e850_firmware

Published Feb 01, 2023

Tracked Since Feb 18, 2026