Vulnerability Description
Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers to cause a denial of service (fall) by connecting the power cord to a 120V circuit (which may lead to self-starting at an inopportune time).
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nautilus | T618 Firmware | < 2022-06-09 |
| Nautilus | T618 | >= 100647pro21130111, <= 100647pro21183960 |
| Nautilus | T616 Firmware | < 2022-06-09 |
| Nautilus | T616 | >= 100672pro21140001, <= 100672pro21171980 |
References
- https://cwe.mitre.org/data/definitions/372.htmlThird Party AdvisoryVDB Entry
- https://download.nautilus.com/pdf/NLS.T616-T618.cpsc.safety.notice.EN.pdfProductVendor Advisory
- https://www.cpsc.gov/Recalls/2022/Nautilus-Recalls-Treadmills-Due-to-Fall-HazardProductUS Government Resource
- https://cwe.mitre.org/data/definitions/372.htmlThird Party AdvisoryVDB Entry
- https://download.nautilus.com/pdf/NLS.T616-T618.cpsc.safety.notice.EN.pdfProductVendor Advisory
- https://www.cpsc.gov/Recalls/2022/Nautilus-Recalls-Treadmills-Due-to-Fall-HazardProductUS Government Resource
FAQ
What is CVE-2022-35648?
CVE-2022-35648 is a vulnerability with a CVSS score of 2.6 (LOW). Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers t...
How severe is CVE-2022-35648?
CVE-2022-35648 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-35648?
Check the references section above for vendor advisories and patch information. Affected products include: Nautilus T618 Firmware, Nautilus T618, Nautilus T616 Firmware, Nautilus T616.