{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-29T06:27:48.875","vulnerabilities":[{"cve":{"id":"CVE-2022-2895","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-08-31T21:15:08.410","lastModified":"2026-06-17T04:42:47.403","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file."},{"lang":"es","value":"Measuresoft ScadaPro Server (Todas las versiones) usa controles ActiveX no mantenidos. Estos controles pueden permitir dos instancias de desbordamiento de búfer en la región stack de la memoria mientras es procesado un archivo de proyecto específico"}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"Measuresoft","product":"ScadaPro Server","versions":[{"version":"All Versions","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-16T17:27:31.880992Z","id":"CVE-2022-2895","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:measuresoft:scadapro_server:*:*:*:*:*:*:*:*","matchCriteriaId":"69C1131E-C11C-4262-B4DF-E7486538EF7A"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-06","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}