CVE-2022-24702 – CVE-2022-24702 is a critical buffer overflow vu... (How to Fix)

Q: What is the severity of CVE-2022-24702?

CVE-2022-24702 has a CVSS score of 9.8 (CRITICAL). CVE-2022-24702 is a critical buffer overflow vulnerability in WinAPRS 2.9.0's VHF KISS TNC component that allows remote code execution via malicious AX.25 packets transmitted over radio frequencies. This affects amateur radio operators and organizations using WinAPRS for APRS (Automatic Packet Reporting System) communications, particularly those with exposed radio interfaces. The software is no longer supported by the maintainer, increasing the risk for remaining users.

📋 TL;DR

CVE-2022-24702 is a critical buffer overflow vulnerability in WinAPRS 2.9.0's VHF KISS TNC component that allows remote code execution via malicious AX.25 packets transmitted over radio frequencies. This affects amateur radio operators and organizations using WinAPRS for APRS (Automatic Packet Reporting System) communications, particularly those with exposed radio interfaces. The software is no longer supported by the maintainer, increasing the risk for remaining users.

💻 Affected Systems

Products:

WinAPRS

Versions: 2.9.0

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using the VHF KISS TNC component for APRS communications. Requires radio interface connectivity to exploit.

📦 What is this software?

Winaprs by Winaprs

View all CVEs affecting Winaprs →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining complete control over the WinAPRS host system, potentially enabling lateral movement within networks and persistent access.

🟠

Likely Case

Remote code execution leading to system compromise, data theft, or use as a pivot point for further attacks within connected networks.

🟢

If Mitigated

Limited impact if system is isolated from critical networks and runs with minimal privileges, though RCE would still compromise the WinAPRS system itself.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploits are publicly available on GitHub. Attack requires ability to transmit malicious AX.25 packets over radio frequencies to the target system.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None

Vendor Advisory: https://winaprs.com/

Restart Required: No

Instructions:

No official patch available. Software is no longer supported. Consider migrating to alternative APRS software solutions.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate WinAPRS systems from critical networks using firewalls or air gaps

Disable VHF KISS TNC

windows

Disable or remove the vulnerable VHF KISS TNC component if not required

🧯 If You Can't Patch

Replace WinAPRS with supported alternative APRS software
Implement strict network segmentation and monitor for suspicious radio traffic

🔍 How to Verify

Check if Vulnerable:

Check WinAPRS version via Help > About menu. Version 2.9.0 is vulnerable.

Check Version:

Check WinAPRS GUI: Help > About

Verify Fix Applied:

No fix available to verify. Consider verifying removal or replacement of WinAPRS software.

📡 Detection & Monitoring

Log Indicators:

Unusual process creation from WinAPRS.exe
Abnormal network connections from WinAPRS host

Network Indicators:

Suspicious AX.25 packet patterns on radio interfaces
Unexpected outbound connections from WinAPRS systems

SIEM Query:

Process Creation where Image contains 'WinAPRS.exe' AND ParentImage not in ('expected_parents')

📊 Metadata

CVE ID: CVE-2022-24702

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-120

Published: June 2, 2022

Last Updated: November 21, 2024

🔗 References

https://github.com/Coalfire-Research/WinAPRS-Exploits Exploit,Third Party Advisory
https://news.ycombinator.com/item?id=31571476 Issue Tracking,Third Party Advisory
https://winaprs.com/ Vendor Advisory
https://www.coalfire.com/the-coalfire-blog/hacking-ham-radio-winaprs-part1 Exploit,Third Party Advisory
https://github.com/Coalfire-Research/WinAPRS-Exploits Exploit,Third Party Advisory
https://news.ycombinator.com/item?id=31571476 Issue Tracking,Third Party Advisory
https://winaprs.com/ Vendor Advisory
https://www.coalfire.com/the-coalfire-blog/hacking-ham-radio-winaprs-part1 Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-24702, you might also want to check these: