CVE-2022-50978
Published: 02 February 2026
Summary
CVE-2022-50978 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Innomic (inferred from references). Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 13.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and IA-8 (Identification and Authentication (Non-organizational Users)).
Deeper analysis
CVE-2022-50978 is a vulnerability in Innomic products, as documented in advisory IDS-2026-0001. It enables an unauthenticated remote attacker to potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP). Classified under CWE-306 (Missing Authentication for Critical Function), the issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), reflecting high severity due to its network accessibility, low complexity, lack of prerequisites, and significant availability impact with no confidentiality or integrity effects.
An unauthenticated attacker with network access to the affected Modbus (TCP) interface can exploit the vulnerability without privileges or user interaction. By issuing requests to switch configuration presets, the attacker can cause operational disruption, such as denial of service on the targeted component.
Mitigation details are provided in Innomic's CSAF advisories, available at https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html and https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.json. The CVE was published on 2026-02-02T15:16:28.743.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-55955
Vulnerability details
An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus (TCP).
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Missing authentication on public-facing Modbus TCP interface directly enables remote exploitation for availability impact (DoS via config preset switching).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses CWE-306 by requiring identification and authentication for critical functions like switching configuration presets via Modbus TCP, prohibiting unauthenticated access by default.
Mandates identification and authentication for non-organizational users or processes, preventing unauthenticated remote attackers from exploiting the Modbus TCP interface.
Enforces boundary protection to monitor and control network communications at external interfaces, blocking unauthorized access to the vulnerable Modbus TCP port.