CVE-2022-45546

7.5 HIGH

📋 TL;DR

CVE-2022-45546 is an information disclosure vulnerability in ScreenCheck BadgeMaker 2.6.2.0 that allows internal attackers to capture authentication credentials via network sniffing. The vulnerability affects organizations using this specific version of the badge creation software. Attackers can intercept unencrypted authentication data transmitted over the network.

💻 Affected Systems

Products:
  • ScreenCheck BadgeMaker
Versions: 2.6.2.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects version 2.6.2.0; earlier or later versions may not be vulnerable. Requires network access to the system running BadgeMaker.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers obtain administrative credentials, gain full control of the BadgeMaker system, and potentially pivot to other systems using the same credentials.

🟠 Likely Case

Internal attackers capture user credentials, access sensitive badge data, and create unauthorized badges or modify existing ones.

🟢 If Mitigated

With proper network segmentation and monitoring, credential theft is detected before exploitation, limiting impact to isolated systems.

🌐 Internet-Facing: LOW - The vulnerability requires internal network access for sniffing, not direct internet exposure.
🏢 Internal Only: HIGH - Internal attackers with network access can easily sniff unencrypted credentials.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires network access and basic sniffing tools like Wireshark. No authentication needed beyond network positioning.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.6.3.0 or later

Vendor Advisory: https://lgnas.gitbook.io/cve-2022-45546/

Restart Required: Yes

Instructions:

1. Download latest version from vendor.
2. Backup current configuration.
3. Install update.
4. Restart BadgeMaker service.
5. Verify encryption is enabled.

🔧 Temporary Workarounds

  • Network Segmentation (all): Isolate BadgeMaker system on separate VLAN to limit sniffing exposure
  • Encryption Enforcement (all): Configure network devices to require encrypted connections to BadgeMaker system

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can communicate with the BadgeMaker system
  • Deploy network monitoring to detect sniffing attempts and credential interception

🔍 How to Verify

Check if Vulnerable:

Check BadgeMaker version in Help > About menu. If version is 2.6.2.0, system is vulnerable.

Check Version:

Check Help > About in BadgeMaker application interface

Verify Fix Applied:

Verify version is 2.6.3.0 or later and test authentication traffic with Wireshark to confirm encryption.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts from unusual IPs
  • Authentication logs showing successful logins from unexpected locations

Network Indicators:

  • Unencrypted authentication traffic to BadgeMaker port
  • ARP spoofing or promiscuous mode detection on BadgeMaker network

SIEM Query:

source="badgemaker.log" AND (event_type="authentication" AND NOT protocol="TLS")
