← Back to CVEs
CVE-2022-23334
CRITICAL9.8
Description
The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published1/30/2023
Last Modified3/28/2025
Sourcenvd
Honeypot Sightings0
Affected Products
ip-label:newtest
Weaknesses (CWE)
CWE-347CWE-347
References
http://ip-label.com(cve@mitre.org)
http://newtest.com(cve@mitre.org)
https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf(cve@mitre.org)
http://ip-label.com(af854a3a-2127-422b-91ae-364da2661108)
http://newtest.com(af854a3a-2127-422b-91ae-364da2661108)
https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.