CVE-2022-38453 Information

Description

Multiple binary application files on the CMS8000 device are compiled with ’not stripped’ and ‘debug_info’ compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsma-22-244-01