Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38100

Sept. 13, 2022, 3:15 p.m. |

National Vulnerability Database nist.gov

The CMS800 device fails while attempting to parse malformed network data sent by a threat actor. A threat actor with network access can remotely issue a specially formatted UDP request that will cause the entire device to crash and require a physical reboot. A UDP broadcast request could be sent that causes a mass denial-of-service attack on all CME8000 devices connected to the same network.

cve

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Information Security Analyst

@ Metropolitan Transportation Commission | San Francisco, CA

Personnel Security Specialist I

@ NT Concepts | Remote

Cyber Security Manager (SOC/Threat Detection)

@ Nubank | São Paulo

Personnel Security Specialist II

@ NT Concepts | Remote

Infrastructure Consultant - Graduate

@ Netcompany | Leeds, United Kingdom

Senior Cloud Network Security Engineer with expertise in WIFI technologies

@ Uni Systems | Luxembourg, Luxembourg, Luxembourg

DevSecOps Engineer - TOP SECRET Clearance Required - Colorado Springs/Denver/Pueblo

@ Spry Squared, Inc. | Colorado Springs, CO, United States

Product Security Associate

@ Mekari | Jakarta, Jakarta, Indonesia