CVE-2022-1261

Published: May 26, 2022

Modified: Apr 16, 2025

PUBLISHED

CVSS v3.1

5.8

MEDIUM

Description

Matrikon, a subsidary of Honeywell Matrikon OPC Server (all versions) is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges.

Vendor	Product	Versions
Matrikon, a subsidiary of Honeywell	Matrikon OPC Server	affected `All Versions`

Weaknesses (CWE)

CWE-284

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

None

Integrity

High

Availability

None

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-144-02

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-1261

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References