Contechealth Cms8000 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Contechealth Cms8000 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-38100 — CVSS 7.5 (high): The CMS800 device fails while attempting to parse malformed network data sent by a threat actor. A threat actor with network access can…
CVE-2022-36385 — CVSS 6.8 (medium): A threat actor with momentary access to the device can plug in a USB drive and perform a malicious firmware update, resulting in permanent…
CVE-2022-3027 — CVSS 5.7 (medium): The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID…
CVE-2022-38069 — CVSS 4.3 (medium): Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow a threat actor with momentary physical…
CVE-2022-38453 — CVSS 3.0 (low): Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debug_info' compilation settings. These…