
Cloud Vulnerability DB
A community-led vulnerabilities database
A CWE-294 Authentication Bypass by Capture-replay vulnerability exists in Schneider Electric's SmartConnect Family UPS devices that could allow an unauthenticated connection to the UPS when a malformed connection is sent. The vulnerability affects multiple product lines including SMT Series, SMC Series, SMTL Series, SCL Series, and SMX Series with various firmware versions (Vendor Advisory).
The vulnerability is classified as CWE-294 (Authentication Bypass by Capture-replay) with a CVSS v3.1 base score of 9.8 (CRITICAL) and vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The CVSS v2.0 base score is 7.5 (HIGH) with vector (AV:N/AC:L/Au:N/C:P/I:P/A:P). The vulnerability allows attackers to bypass authentication mechanisms through capture-replay attacks (NVD).
The vulnerability could allow an attacker to establish an unauthenticated connection to the affected UPS devices, potentially leading to unauthorized access and control of the UPS systems. With a critical CVSS score of 9.8, it presents a high risk to the confidentiality, integrity, and availability of the affected systems (Vendor Advisory).
Affected users should update their firmware to versions newer than those specified for each product line: SMT Series (>04.5), SMC Series (>04.2), SMTL Series (>02.9), SCL Series (>02.5 or >03.1 depending on model), and SMX Series (>03.1) (Vendor Advisory).
Source: This report was generated using AI