CVE-2022-2793
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-2793
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
缺失完整性检查支持
Source: NVD (National Vulnerability Database)
Vulnerability Title
Emerson Proficy Machine Edition 数据伪造问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Emerson Proficy Machine Edition是Emerson公司的一个应用软件。一个自动化解决方案。 Emerson Proficy Machine Edition 9.00版本及之前版本存在数据伪造问题漏洞,该漏洞源于在为 SRTP 协议建立连接后没有数据包的身份验证或授权。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Emerson Electric | Proficy Machine Edition | all ~ 9.00 | - |
II. Public POCs for CVE-2022-2793
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-2793
请登录查看更多情报信息。
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-06x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2022-2793
Same Patch Batch · Emerson Electric · 2022-08-19 · 5 CVEs total
| CVE-2022-2792 | 6.6 MEDIUM | Emerson Proficy Machine Edition 安全漏洞 |
| CVE-2022-2790 | 5.9 MEDIUM | Emerson Proficy Machine Edition 数据伪造问题漏洞 |
| CVE-2022-2789 | 4.7 MEDIUM | Emerson Proficy Machine Edition 数据伪造问题漏洞 |
| CVE-2022-2788 | 3.9 LOW | Emerson Proficy Machine Edition 路径遍历漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-353
- CVE-2026-42428
OpenClaw < 2026.4.8 - Missing Integrity Verification in Pack - CVE-2026-3856
IBM Db2 Recovery Expert Missing Integrity Check - CVE-2025-10010
Integrity Validation Bypass in CryptoPro Secure Disk for Bit - CVE-2025-15364
Download Manager <= 3.3.40 - Unauthenticated Limited Privile - CVE-2026-21437
eopkg vulnerable to package file list integrity bypass
V. Comments for CVE-2022-2793
No comments yet