CVE-2022-50975

HIGH

Device <unknown> - Privilege Escalation

Title source: llm

Description

An unauthenticated remote attacker is able to use an existing session id of a logged in user and gain full access to the device if configuration via ethernet is enabled.

References (2)

Core 2

Core References

Various Sources vendor-advisory

https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html

Various Sources vendor-advisory

https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.json

Scores

CVSS v3 8.8

EPSS 0.0023

EPSS Percentile 13.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-346

Status published

Products (45)

avibia/AvibiaLine AVLX1 HD 5.0 2.1.1340 - 2.1.1387

avibia/AvibiaLine AVLX1 HD 5.0 2.1.1866

avibia/AvibiaLine AVLX2 HD 5.0 2.1.1340 - 2.1.1387

avibia/AvibiaLine AVLX2 HD 5.0 2.1.1866

avibia/AvibiaLine AVLX4 HD 5.0 2.1.1340 - 2.1.1387

avibia/AvibiaLine AVLX4 HD 5.0 2.1.1866

avibia/AvibiaLine AVLX6 HD 5.0 2.1.1340 - 2.1.1387

avibia/AvibiaLine AVLX6 HD 5.0 2.1.1866

avibia/AvibiaLine AVLX8 HD 5.0 2.1.1340 - 2.1.1387

avibia/AvibiaLine AVLX8 HD 5.0 2.1.1866

... and 35 more

Published Feb 02, 2026

Tracked Since Feb 18, 2026