CVE-2022-2967 (GCVE-0-2022-2967)

Vulnerability from cvelistv5 – Published: 2023-01-03 21:24 – Updated: 2025-01-16 22:03
VLAI?
Summary
Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
CWE
  • CWE-522 - Insufficiently Protected Credentials
Assigner
References
Impacted products
Vendor Product Version
Prosys OPC UA Simulation Server Affected: 0 , < 5.3.0-64 (custom)
Create a notification for this product.
    Prosys OPC UA Modbus Server Affected: 0 , ≤ 1.4.18-5 (custom)
Create a notification for this product.
Credits
Parvin Kumar, Dr. Sriharsha Etigowni, and Prof. Dongyan Xu of Purdue University West Lafayette reported this vulnerability to CISA.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:53:00.627Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.prosysopc.com/blog/#Security"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2967",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T20:32:48.380253Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T22:03:17.067Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "UA Simulation Server",
          "vendor": "Prosys OPC",
          "versions": [
            {
              "lessThan": "5.3.0-64",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "UA Modbus Server",
          "vendor": "Prosys OPC",
          "versions": [
            {
              "lessThanOrEqual": "1.4.18-5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Parvin Kumar, Dr. Sriharsha Etigowni, and Prof. Dongyan Xu of Purdue University West Lafayette reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2022-12-15T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."
            }
          ],
          "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-522",
              "description": "CWE-522 Insufficiently Protected Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-03T21:24:21.098Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"
        },
        {
          "url": "https://www.prosysopc.com/blog/#Security"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Prosys has released updates for the following products:\u003cbr\u003e\u2022  UA Simulation Server: Update to v5.4.0\u003cbr\u003e\u2022  UA Modbus Server: Update to 1.4.20\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Prosys has released updates for the following products:\n\u2022  UA Simulation Server: Update to v5.4.0\n\u2022  UA Modbus Server: Update to 1.4.20\n\n"
        }
      ],
      "source": {
        "advisory": "ICSA-22-349-01",
        "discovery": "EXTERNAL"
      },
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\u003cp\u003eProsys also recommends additional workarounds to mitigate exploitation of this vulnerability:\u003c/p\u003e\n\n\u003cul\u003e\u003cli\u003eRestart the application after modifying user passwords.\u003c/li\u003e\n\u003c/ul\u003e\u003cp\u003eFor more information, users can refer to the Prosys OPC \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.prosysopc.com/blog/#Security\"\u003esecurity blog\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e\u003c/p\u003e"
            }
          ],
          "value": "Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:\n\n\n\n  *  Restart the application after modifying user passwords.\n\n\n\nFor more information, users can refer to the Prosys OPC  security blog https://www.prosysopc.com/blog/#Security .\n\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-2967",
    "datePublished": "2023-01-03T21:24:21.098Z",
    "dateReserved": "2022-08-23T15:17:49.768Z",
    "dateUpdated": "2025-01-16T22:03:17.067Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:prosysopc:ua_modbus_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.20\", \"matchCriteriaId\": \"DBD45F09-929C-4DFC-844D-3AC4E00F4F66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:prosysopc:ua_simulation_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.4.0\", \"matchCriteriaId\": \"9C7B35D9-620E-45A2-8717-91ACD9FFB3FD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.\"}, {\"lang\": \"es\", \"value\": \"La versi\\u00f3n del servidor de simulaci\\u00f3n Prosys OPC UA anterior a la v5.3.0-64 y las versiones del UA Modbus Server 1.4.18-5 y anteriores no protegen suficientemente las credenciales, lo que podr\\u00eda permitir a un atacante obtener credenciales de usuario y acceder a los datos del sistema.\"}]",
      "id": "CVE-2022-2967",
      "lastModified": "2024-11-21T07:02:00.250",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.6, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
      "published": "2023-01-03T22:15:11.757",
      "references": "[{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.prosysopc.com/blog/#Security\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.prosysopc.com/blog/#Security\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-522\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-2967\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2023-01-03T22:15:11.757\",\"lastModified\":\"2024-11-21T07:02:00.250\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.\"},{\"lang\":\"es\",\"value\":\"La versi\u00f3n del servidor de simulaci\u00f3n Prosys OPC UA anterior a la v5.3.0-64 y las versiones del UA Modbus Server 1.4.18-5 y anteriores no protegen suficientemente las credenciales, lo que podr\u00eda permitir a un atacante obtener credenciales de usuario y acceder a los datos del sistema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.6,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-522\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:prosysopc:ua_modbus_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.20\",\"matchCriteriaId\":\"DBD45F09-929C-4DFC-844D-3AC4E00F4F66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:prosysopc:ua_simulation_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.4.0\",\"matchCriteriaId\":\"9C7B35D9-620E-45A2-8717-91ACD9FFB3FD\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.prosysopc.com/blog/#Security\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.prosysopc.com/blog/#Security\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.prosysopc.com/blog/#Security\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T00:53:00.627Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-2967\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-16T20:32:48.380253Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-16T20:32:49.756Z\"}}], \"cna\": {\"source\": {\"advisory\": \"ICSA-22-349-01\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Parvin Kumar, Dr. Sriharsha Etigowni, and Prof. Dongyan Xu of Purdue University West Lafayette reported this vulnerability to CISA.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Prosys OPC\", \"product\": \"UA Simulation Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"5.3.0-64\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Prosys OPC\", \"product\": \"UA Modbus Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"1.4.18-5\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Prosys has released updates for the following products:\\n\\u2022  UA Simulation Server: Update to v5.4.0\\n\\u2022  UA Modbus Server: Update to 1.4.20\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Prosys has released updates for the following products:\u003cbr\u003e\\u2022  UA Simulation Server: Update to v5.4.0\u003cbr\u003e\\u2022  UA Modbus Server: Update to 1.4.20\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2022-12-15T18:00:00.000Z\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01\"}, {\"url\": \"https://www.prosysopc.com/blog/#Security\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:\\n\\n\\n\\n  *  Restart the application after modifying user passwords.\\n\\n\\n\\nFor more information, users can refer to the Prosys OPC  security blog https://www.prosysopc.com/blog/#Security .\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\u003cp\u003eProsys also recommends additional workarounds to mitigate exploitation of this vulnerability:\u003c/p\u003e\\n\\n\u003cul\u003e\u003cli\u003eRestart the application after modifying user passwords.\u003c/li\u003e\\n\u003c/ul\u003e\u003cp\u003eFor more information, users can refer to the Prosys OPC \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.prosysopc.com/blog/#Security\\\"\u003esecurity blog\u003c/a\u003e\u003cspan style=\\\"background-color: var(--wht);\\\"\u003e.\u003c/span\u003e\u003c/p\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-522\", \"description\": \"CWE-522 Insufficiently Protected Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2023-01-03T21:24:21.098Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-2967\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-16T22:03:17.067Z\", \"dateReserved\": \"2022-08-23T15:17:49.768Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2023-01-03T21:24:21.098Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.