CVE-2022-50980
📋 TL;DR
An unauthenticated attacker on the same Controller Area Network (CAN) bus can disrupt operations by rapidly switching between configuration presets. This affects systems using vulnerable CAN implementations where configuration preset switching is exposed without authentication. The vulnerability requires physical or logical adjacency to the CAN network.
💻 Affected Systems
- Innomic products with vulnerable CAN implementations
⚠️ Risk & Real-World Impact
Worst Case
Complete disruption of CAN-connected systems leading to operational failure, safety hazards in automotive/industrial contexts, or denial of service for critical functions.
Likely Case
Temporary disruption of CAN communications, configuration corruption, or unexpected system behavior requiring manual intervention to restore normal operations.
If Mitigated
Limited impact with proper network segmentation, authentication controls, and monitoring; potential for brief service interruption but no persistent damage.
🎯 Exploit Status
Exploitation requires CAN bus access; attacker can send crafted CAN messages to trigger preset switching.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific patched versions.
Vendor Advisory: https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html
Restart Required: Yes
Instructions:
1. Review vendor advisory for affected products.
2. Apply vendor-provided firmware/software updates.
3. Restart affected systems to activate patches.
4. Verify patch effectiveness through testing.
🔧 Temporary Workarounds
CAN Network Segmentation
Isolate CAN networks from untrusted systems using firewalls or gateways to prevent unauthorized access.
CAN Message Filtering
Implement CAN message filtering to block unauthorized preset switching commands.
🧯 If You Can't Patch
- Implement strict physical access controls to CAN network components.
- Deploy network monitoring to detect anomalous CAN traffic patterns.
🔍 How to Verify
Check if Vulnerable:
Check system firmware/software version against vendor advisory; test if unauthenticated CAN messages can trigger preset switching.
Check Version:
Vendor-specific command; consult product documentation for version checking.
Verify Fix Applied:
Apply vendor patch and test that unauthenticated preset switching via CAN is no longer possible.
📡 Detection & Monitoring
Log Indicators:
- Unexpected configuration preset changes in system logs
- CAN bus error messages indicating unauthorized access attempts
Network Indicators:
- Unusual CAN message patterns targeting preset switching functionality
- CAN traffic from unauthorized sources
SIEM Query:
CAN traffic analysis query: source_ip NOT IN (authorized_CAN_sources) AND message_id IN (preset_switch_ids)
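As an added example (not taken from the vendor advisory or any Innomic tooling), the following sketch flags rapid preset switching in a `candump -L` style log by counting preset changes inside a sliding time window. The arbitration ID `0x123`, the assumption that the preset index is carried in the first data byte, the thresholds, and the sample log lines are all constructed placeholders; substitute the values documented for your product.

```python
import re
from collections import deque

# Assumptions (not from the advisory): placeholder arbitration ID for the
# preset-switch command, preset index carried in data byte 0.
PRESET_SWITCH_IDS = {0x123}
WINDOW_S = 1.0      # sliding window length in seconds (constructed threshold)
MAX_SWITCHES = 3    # preset changes tolerated per window (constructed threshold)

# candump -L log format: "(timestamp) interface ID#HEXDATA"
LINE_RE = re.compile(
    r"^\((\d+\.\d+)\)\s+(\S+)\s+([0-9A-Fa-f]+)#((?:[0-9A-Fa-f]{2})*)$")

def parse_candump(line):
    """Return (timestamp, interface, can_id, data) or None if unparseable."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, iface, can_id, data = m.groups()
    return float(ts), iface, int(can_id, 16), bytes.fromhex(data)

def detect_rapid_switching(lines, ids=PRESET_SWITCH_IDS,
                           window=WINDOW_S, limit=MAX_SWITCHES):
    """Return [(timestamp, switches_in_window)] for every frame that pushes
    the number of preset changes in the window above the limit."""
    recent = deque()      # timestamps of recent preset changes
    last_preset = None
    alerts = []
    for line in lines:
        frame = parse_candump(line)
        if frame is None:
            continue      # skip malformed or unsupported lines
        ts, _iface, can_id, data = frame
        if can_id not in ids or not data:
            continue
        if data[0] == last_preset:
            continue      # re-sending the active preset is not a switch
        last_preset = data[0]
        recent.append(ts)
        while ts - recent[0] > window:
            recent.popleft()
        if len(recent) > limit:
            alerts.append((ts, len(recent)))
    return alerts

# Constructed sample log: two spaced-out changes, then a burst.
SAMPLE_LOG = [
    "(1700000000.000000) can0 123#01", "(1700000005.000000) can0 123#02",
    "(1700000005.100000) can0 456#DEADBEEF", "(1700000010.000000) can0 123#01",
    "(1700000010.050000) can0 123#02", "(1700000010.100000) can0 123#01",
    "(1700000010.150000) can0 123#02", "(1700000010.200000) can0 123#01",
]
```

Because CAN frames carry no sender address, a rate check like this identifies the behaviour rather than the source; locating the sending node still requires bus segmentation or physical inspection.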