CVE-2022-40187 - Vulnerability Details - OpenCVE

Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service enabled. This service listens on a TCP port on all interfaces and allows for process debugging, file system modification, and terminal access as the root user. In conjunction with a hosted wireless access point and the known passphrase of FSSPORTS, an attacker could use this service to modify a device and steal intellectual property.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Bushnellgolf	Launch Pro Launch Pro Firmware
Foresightsports	Gc3 Launch Monitor Gc3 Launch Monitor Firmware

Configuration 1 [-]

AND

cpe:2.3:o:foresightsports:gc3_launch_monitor_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:foresightsports:gc3_launch_monitor:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:bushnellgolf:launch_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bushnellgolf:launch_pro:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0003.md
https://wiki.eclipse.org/TCF
https://www.bushnellgolf.com/products/launch-monitors/launch-pro/
https://www.foresightsports.com/gc3

History

Thu, 15 May 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-13T00:00:00.000Z

Updated: 2025-05-15T14:45:29.334Z

Reserved: 2022-09-08T00:00:00.000Z

Link: CVE-2022-40187

Vulnrichment

Updated: 2024-08-03T12:14:39.962Z

NVD

Status : Modified

Published: 2022-10-13T01:15:19.617

Modified: 2025-05-15T15:16:02.540

Link: CVE-2022-40187

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-40187", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-05-15T14:45:29.334Z", "dateReserved": "2022-09-08T00:00:00.000Z", "datePublished": "2022-10-13T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2022-10-13T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service enabled. This service listens on a TCP port on all interfaces and allows for process debugging, file system modification, and terminal access as the root user. In conjunction with a hosted wireless access point and the known passphrase of FSSPORTS, an attacker could use this service to modify a device and steal intellectual property."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://wiki.eclipse.org/TCF"}, {"url": "https://www.foresightsports.com/gc3"}, {"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0003.md"}, {"url": "https://www.bushnellgolf.com/products/launch-monitors/launch-pro/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:14:39.962Z"}, "title": "CVE Program Container", "references": [{"url": "https://wiki.eclipse.org/TCF", "tags": ["x_transferred"]}, {"url": "https://www.foresightsports.com/gc3", "tags": ["x_transferred"]}, {"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0003.md", "tags": ["x_transferred"]}, {"url": "https://www.bushnellgolf.com/products/launch-monitors/launch-pro/", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-276", "lang": "en", "description": "CWE-276 Incorrect Default Permissions"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-05-15T14:44:21.582619Z", "id": "CVE-2022-40187", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T14:45:29.334Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://wiki.eclipse.org/TCF", "tags": ["x_transferred"]}, {"url": "https://www.foresightsports.com/gc3", "tags": ["x_transferred"]}, {"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0003.md", "tags": ["x_transferred"]}, {"url": "https://www.bushnellgolf.com/products/launch-monitors/launch-pro/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:14:39.962Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-40187", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-15T14:44:21.582619Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-15T14:44:51.926Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://wiki.eclipse.org/TCF"}, {"url": "https://www.foresightsports.com/gc3"}, {"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0003.md"}, {"url": "https://www.bushnellgolf.com/products/launch-monitors/launch-pro/"}], "descriptions": [{"lang": "en", "value": "Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service enabled. This service listens on a TCP port on all interfaces and allows for process debugging, file system modification, and terminal access as the root user. In conjunction with a hosted wireless access point and the known passphrase of FSSPORTS, an attacker could use this service to modify a device and steal intellectual property."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2022-10-13T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-40187", "state": "PUBLISHED", "dateUpdated": "2025-05-15T14:45:29.334Z", "dateReserved": "2022-09-08T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2022-10-13T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:foresightsports:gc3_launch_monitor_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B919A869-4D32-4730-A782-9CC2D6FA251F", "versionEndExcluding": "1.5.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:foresightsports:gc3_launch_monitor:-:*:*:*:*:*:*:*", "matchCriteriaId": "0149ED07-40ED-4304-931D-FC65534124BB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:bushnellgolf:launch_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "12E2865A-DE4E-4F10-ADFC-5C748E766DCC", "versionEndExcluding": "1.5.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:bushnellgolf:launch_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "724A14ED-DD11-4B9E-BDBF-A4C3AEA1CDE9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service enabled. This service listens on a TCP port on all interfaces and allows for process debugging, file system modification, and terminal access as the root user. In conjunction with a hosted wireless access point and the known passphrase of FSSPORTS, an attacker could use this service to modify a device and steal intellectual property."}, {"lang": "es", "value": "Foresight GC3 Launch Monitor versi\u00f3n 1.3.15.68, es enviado con un servicio Target Communication Framework (TCF) habilitado. Este servicio escucha en un puerto TCP en todas las interfaces y permite una depuraci\u00f3n de procesos, la modificaci\u00f3n del sistema de archivos y el acceso al terminal como usuario root. Junto con un punto de acceso inal\u00e1mbrico alojado y la frase de contrase\u00f1a conocida de FSSPORTS, un atacante podr\u00eda usar este servicio para modificar un dispositivo y robar propiedad intelectual"}], "id": "CVE-2022-40187", "lastModified": "2025-05-15T15:16:02.540", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-10-13T01:15:19.617", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0003.md"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://wiki.eclipse.org/TCF"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.bushnellgolf.com/products/launch-monitors/launch-pro/"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.foresightsports.com/gc3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2022-0003.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://wiki.eclipse.org/TCF"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://www.bushnellgolf.com/products/launch-monitors/launch-pro/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://www.foresightsports.com/gc3"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-276"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}