CVE-2022-3027 Information

Description

The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name including non-standard characters that when the device attempts connecting to the malicious SSID the device can be exploited to write arbitrary files or display incorrect information.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsma-22-244-01