CVE-2022-2103 CRITICAL

CVE-2022-2103: Secheron SEPCOS Control and Protection Relay

Vendor Secheron

Product SEPCOS Control and Protection Relay firmware package

Weakness CWE-284

Published June 24, 2022

Last update April 16, 2025

View on NVD All CVEs

CVSS base score

9.8/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories.

Key dates

02Disclosure timeline

June 24, 2022 CVE published

April 16, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-2103 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

Identifiers

CVE CVE-2022-2103

CWE CWE-284

CVSS 9.8 / CRITICAL

Affected versions