cvedb.io
CVE-2022-2640
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-12-02T20:15:12.550 · Last modified 2026-06-17T04:42:15.897

Summary

The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. This could allow an attacker to obtain credentials to run services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP).

Affected products

hornerautomation — rcc972_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when hornerautomation ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.