CVE-2022-3575

CRITICAL

Frauscher Sensortechnik GmbH FDS102 - Code Injection

Title source: llm

Description

Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 v2.8.0 to v2.9.1 are vulnerable to malicious code upload without authentication by using the configuration upload function. This could lead to a complete compromise of the FDS102 device.

References (1)

Core 1

Core References

Vendor Advisory

https://www.frauscher.com/en/psirt

Scores

CVSS v3 9.8

EPSS 0.0047

EPSS Percentile 64.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-434

Status published

Products (3)

frauscher/frauscher_diagnostic_system_102 2.8.0 (2 CPE variants)

frauscher/frauscher_diagnostic_system_102 2.9.0 (2 CPE variants)

frauscher/frauscher_diagnostic_system_102 2.9.1 (2 CPE variants)

Published Nov 02, 2022

Tracked Since Feb 18, 2026