CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-27242

A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.7%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

https://cert-portal.siemens.com/productcert/pdf/ssa-736385.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-736385.pdf

Products affected by CVE-2022-27242

Siemens » Openv2g » Version: 0.9.4

cpe:2.3:a:siemens:openv2g:0.9.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-27242

Products

Pricing

Contact Us