cnvd - cnvd-2022-85525

CNVD-2022-85525

Vulnerability from cnvd - Published: 2022-12-07

Title

GE CIMPLICITY HMI/SCADA Software缓冲区溢出漏洞

Description

GE CIMPLICITY HMI/SCADA Software是美国通用电气（GE）公司的一个自动化工业平台。提供了从单机到世界各地工厂位置的真正的客户机-服务器可视化和控制，帮助管理运营并改进决策。 GE CIMPLICITY HMI/SCADA Software 2022及之前版本存在缓冲区溢出漏洞。攻击者可利用漏洞可能影响系统的机密性、可用性或完整性。目前暂无漏洞细节。

Severity

中

Patch Name

GE CIMPLICITY HMI/SCADA Software缓冲区溢出漏洞的补丁

Patch Description

GE CIMPLICITY HMI/SCADA Software是美国通用电气（GE）公司的一个自动化工业平台。提供了从单机到世界各地工厂位置的真正的客户机-服务器可视化和控制，帮助管理运营并改进决策。 GE CIMPLICITY HMI/SCADA Software 2022及之前版本存在缓冲区溢出漏洞，该漏洞源于在处理不受信任的输入时出现边界错误。攻击者可利用漏洞可能影响系统的机密性、可用性或完整性。目前暂无漏洞细节。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-22-06

Reference

https://www.auscert.org.au/bulletins/ESB-2022.6117

Impacted products

Name
GE CIMPLICITY HMI/SCADA Software <=2022

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-2948",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-2948"
    }
  },
  "description": "GE CIMPLICITY HMI/SCADA Software\u662f\u7f8e\u56fd\u901a\u7528\u7535\u6c14\uff08GE\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u81ea\u52a8\u5316\u5de5\u4e1a\u5e73\u53f0\u3002\u63d0\u4f9b\u4e86\u4ece\u5355\u673a\u5230\u4e16\u754c\u5404\u5730\u5de5\u5382\u4f4d\u7f6e\u7684\u771f\u6b63\u7684\u5ba2\u6237\u673a-\u670d\u52a1\u5668\u53ef\u89c6\u5316\u548c\u63a7\u5236\uff0c\u5e2e\u52a9\u7ba1\u7406\u8fd0\u8425\u5e76\u6539\u8fdb\u51b3\u7b56\u3002\n\nGE CIMPLICITY HMI/SCADA Software 2022\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u53ef\u80fd\u5f71\u54cd\u7cfb\u7edf\u7684\u673a\u5bc6\u6027\u3001\u53ef\u7528\u6027\u6216\u5b8c\u6574\u6027\u3002\u76ee\u524d\u6682\u65e0\u6f0f\u6d1e\u7ec6\u8282\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-22-06",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-85525",
  "openTime": "2022-12-07",
  "patchDescription": "GE CIMPLICITY HMI/SCADA Software\u662f\u7f8e\u56fd\u901a\u7528\u7535\u6c14\uff08GE\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u81ea\u52a8\u5316\u5de5\u4e1a\u5e73\u53f0\u3002\u63d0\u4f9b\u4e86\u4ece\u5355\u673a\u5230\u4e16\u754c\u5404\u5730\u5de5\u5382\u4f4d\u7f6e\u7684\u771f\u6b63\u7684\u5ba2\u6237\u673a-\u670d\u52a1\u5668\u53ef\u89c6\u5316\u548c\u63a7\u5236\uff0c\u5e2e\u52a9\u7ba1\u7406\u8fd0\u8425\u5e76\u6539\u8fdb\u51b3\u7b56\u3002\r\n\r\nGE CIMPLICITY HMI/SCADA Software 2022\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u5904\u7406\u4e0d\u53d7\u4fe1\u4efb\u7684\u8f93\u5165\u65f6\u51fa\u73b0\u8fb9\u754c\u9519\u8bef\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u53ef\u80fd\u5f71\u54cd\u7cfb\u7edf\u7684\u673a\u5bc6\u6027\u3001\u53ef\u7528\u6027\u6216\u5b8c\u6574\u6027\u3002\u76ee\u524d\u6682\u65e0\u6f0f\u6d1e\u7ec6\u8282\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "GE CIMPLICITY HMI/SCADA Software\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "GE CIMPLICITY HMI/SCADA Software \u003c=2022"
  },
  "referenceLink": "https://www.auscert.org.au/bulletins/ESB-2022.6117",
  "serverity": "\u4e2d",
  "submitTime": "2022-11-25",
  "title": "GE CIMPLICITY HMI/SCADA Software\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2022-2948 (GCVE-0-2022-2948)

Vulnerability from cvelistv5 – Published: 2022-12-07 22:58 – Updated: 2025-04-16 17:41

Summary

GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

icscert

References

URL

Tags

https://www.cisa.gov/uscert/ics/advisories/icsa-2…

Impacted products

	Vendor	Product	Version
	GE	CIMPLICITY	Affected: 0 , ≤ v2022 (custom)

Credits

Kimiya working with Trend micro Zero Day Initiative reported these vulnerabilities to CISA.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:53:00.630Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2948",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T17:25:43.607131Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T17:41:36.455Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CIMPLICITY",
          "vendor": "GE",
          "versions": [
            {
              "lessThanOrEqual": "v2022",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "coordinator",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Kimiya working with Trend micro Zero Day Initiative reported these vulnerabilities to CISA."
        }
      ],
      "datePublic": "2022-11-22T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eGE CIMPICITY versions 2022 and prior is \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code. \u003c/span\u003e\n\n \u003c/span\u003e\n\n"
            }
          ],
          "value": "GE CIMPICITY versions 2022 and prior is \n\nvulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code. \n\n \n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-07T22:58:15.094Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-04"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eGE recommends users refer to the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://digitalsupport.ge.com/communities/en_US/Documentation/CIMPLICITY-Secure-Deployment-Guide2\"\u003eCIMPLICITY Secure Deployment Guide\u003c/a\u003e\u0026nbsp;(login required) for mitigations to the reported vulnerabilities. Specific sections to reference include Section 3.5 Projects and Section 4.2 CimView. \u003c/p\u003e\u003cp\u003eFor more information about this issue, see the GE Digital Product \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-22-06\"\u003eSecurity Advisory\u003c/a\u003e\u0026nbsp;(login required). \u003c/p\u003e\u003cp\u003eFor further questions, users should contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://digitalsupport.ge.com/communities/CC_Contact\"\u003eGE\u003c/a\u003e. \u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nGE recommends users refer to the  CIMPLICITY Secure Deployment Guide https://digitalsupport.ge.com/communities/en_US/Documentation/CIMPLICITY-Secure-Deployment-Guide2 \u00a0(login required) for mitigations to the reported vulnerabilities. Specific sections to reference include Section 3.5 Projects and Section 4.2 CimView. \n\nFor more information about this issue, see the GE Digital Product  Security Advisory https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-22-06 \u00a0(login required). \n\nFor further questions, users should contact  GE https://digitalsupport.ge.com/communities/CC_Contact . \n\n\n\n\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "GE CIMPLICITY Heap-based Buffer Overflow",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-2948",
    "datePublished": "2022-12-07T22:58:15.094Z",
    "dateReserved": "2022-08-22T19:29:24.599Z",
    "dateUpdated": "2025-04-16T17:41:36.455Z",
    "requesterUserId": "548e5310-2409-4eaf-9220-2910d23bb95a",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2022-85525

CVE-2022-2948 (GCVE-0-2022-2948)

Tags

Sightings

Nomenclature