CVE-2022-43378
Published: 18 April 2023
Summary
CVE-2022-43378 is a medium-severity Improper Restriction of Rendered UI Layers or Frames (CWE-1021) vulnerability in Schneider-Electric Netbotz 355 Firmware. Its CVSS base score is 6.5 (Medium).
Operationally, ranked at the 43.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-46417
Vulnerability details
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and…
more
prior)
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.