CVE-2017-3222

critical

Description

Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.

References

Advisories
More

https://www.kb.cert.org/vuls/id/586501

https://twitter.com/mkolsek/status/923988845783322625

http://www.securityfocus.com/bid/99899

http://www.inmarsat.com/news/inmarsat-response-to-ioactive-claims/

Details

Source: Mitre, NVD

Published: 2017-07-22

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H