Vulnerability Details CVE-2022-35648
Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers to cause a denial of service (fall) by connecting the power cord to a 120V circuit (which may lead to self-starting at an inopportune time).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.2%
CVSS Severity
CVSS v3 Score 2.6
CVSS v2 Score 2.1
References
- https://cwe.mitre.org/data/definitions/372.html
- https://download.nautilus.com/pdf/NLS.T616-T618.cpsc.safety.notice.EN.pdf
- https://www.cpsc.gov/Recalls/2022/Nautilus-Recalls-Treadmills-Due-to-Fall-Hazard
- https://cwe.mitre.org/data/definitions/372.html
- https://download.nautilus.com/pdf/NLS.T616-T618.cpsc.safety.notice.EN.pdf
- https://www.cpsc.gov/Recalls/2022/Nautilus-Recalls-Treadmills-Due-to-Fall-Hazard
Products affected by CVE-2022-35648
-
cpe:2.3:h:nautilus:t616:100672pro21140001
-
cpe:2.3:h:nautilus:t616:100672pro21171980
-
cpe:2.3:h:nautilus:t618:100647pro21130111
-
cpe:2.3:h:nautilus:t618:100647pro21183960
-
cpe:2.3:o:nautilus:t616_firmware:-
-
cpe:2.3:o:nautilus:t618_firmware:-