CVE-2022-23334
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/01/2023
Last modified:
28/03/2025
Description
The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ip-label:newtest:*:*:*:*:*:*:*:* | 8.5r0 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://ip-label.com
- http://newtest.com
- https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf
- http://ip-label.com
- http://newtest.com
- https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf
- https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf