NVD disclosure day

Published threat advisories for February 12, 2023

CVE-2022-4557

Smartpower Web lets attackers steal data or take control by exploiting a web security flaw.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical flaw in Group Arge Smartpower Web allows attackers to steal or control sensitive data through the internet without needing a password. This needs immediate attention due to the broad potential impact.

NVD published: February 12, 2023

CVE advisoryCRITICAL

CVE-2022-45088

Smartpower Web vulnerability could let attackers take control of your energy systems.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A critical flaw in Smartpower Web could allow unauthorized access to or control of energy and control systems. This vulnerability is remotely exploitable and requires no authentication, making it a significant risk.

NVD published: February 12, 2023