Threat Advisories - NVD Disclosed February 23, 2023

CVE-2022-2504

SDD-Baro allows attackers to take control of customer data and services

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

An SQL injection flaw in SDD-Baro lets attackers steal or alter sensitive customer data and control services by sending malicious commands over the internet. This is a critical issue for all versions before 2.8.432.

NVD published: February 23, 2023