Detections
Analytics
ABB M2M Gateway Memory Corruption in embedded Linux Kernel (CVE-2022-43750)
medium Tenable OT Security Plugin ID 503255
Synopsis
The remote OT asset is affected by a vulnerability.Description
drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08
http://www.nessus.org/u?310ae51a
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.15
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.1
http://www.nessus.org/u?236b29b3
http://www.nessus.org/u?0efa48e5
https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
Plugin Details
Severity: Medium
ID: 503255
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 5/27/2025
Updated: 5/27/2025
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v3
Risk Factor: Medium
Base Score: 6.7
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/o:abb:sw_firmware, cpe:/o:abb:arm600_firmware
Required KB Items: Tenable.ot/ABB
Exploit Ease: No known exploits are available
Patch Publication Date: 10/26/2022
Vulnerability Publication Date: 10/26/2022
Reference Information
CVE: CVE-2022-43750
CWE: 787
ICSA: 25-105-08