gsd-2022-2513
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy’s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database. An attacker who manages to get access to the exported backup file can exploit the vulnerability and obtain credentials of the IEDs. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-2513",
"description": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database. An attacker who manages to get access to the exported backup file can exploit the vulnerability and obtain credentials of the IEDs. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.",
"id": "GSD-2022-2513"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-2513"
],
"details": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database. An attacker who manages to get access to the exported backup file can exploit the vulnerability and obtain credentials of the IEDs. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs.",
"id": "GSD-2022-2513",
"modified": "2023-12-13T01:19:19.652141Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@hitachienergy.com",
"ID": "CVE-2022-2513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PCM600",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "v2.6"
}
]
}
},
{
"product_name": "670 Connectivity Package",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0"
}
]
}
},
{
"product_name": "650 Connectivity Package",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.3"
}
]
}
},
{
"product_name": "SAM600-IO Connectivity Package",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
},
{
"product_name": "GMS600 Connectivity Package",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.3"
}
]
}
},
{
"product_name": "PWC600 Connectivity Package",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.1"
}
]
}
}
]
},
"vendor_name": "Hitachi Energy"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "PSE - Polskie Sieci Elektroenergetyczne (Polish Power Grid Company (PPGC))"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database. An attacker who manages to get access to the exported backup file can exploit the vulnerability and obtain credentials of the IEDs. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs."
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-312",
"lang": "eng",
"value": "CWE-312 Cleartext Storage of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "MISC",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nUpdate to PCM600 v2.11 Hotfix 20220923 or apply mitigation\nfactors/workarounds as described in the Mitigation Factors/Workarounds Section.\u003cbr\u003e\u003cbr\u003eList of CPEs:\u0026nbsp;\u003cbr\u003ecpe:2.3:a:hitachienergy:pcm600:*:*:*:*:*:*:*:*\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:670ConnectivityPackage:3.4.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.3.0:*:*:*:*:*:*:*\n\u003cbr\u003e\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.2.6:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.1.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.0.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\u003cbr\u003ecpe:2.3:a:hitachienergy:650ConnectivityPackage:2.4.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.2.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.1.2:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\u003cbr\u003ecpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.2.0:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.1.0:*:*:*:*:*:*:*\u003cbr\u003e\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.0.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.2:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.1:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e\u003cbr\u003ecpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.1:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\u003cbr\u003e \n\n\u003cbr\u003e"
}
],
"value": "\nUpdate to PCM600 v2.11 Hotfix 20220923 or apply mitigation\nfactors/workarounds as described in the Mitigation Factors/Workarounds Section.\n\nList of CPEs:\u00a0\ncpe:2.3:a:hitachienergy:pcm600:*:*:*:*:*:*:*:*\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.4.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.3.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.2.6:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:670ConnectivityPackage:3.0.2:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.4.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.3.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.2.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:2.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:650ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:sam600ioConnectivityPackage:1.0.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.2.0:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.1:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:pwc600ConnectivityPackage:1.1.0:*:*:*:*:*:*:*\n\n\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.1:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:gms600ConnectivityPackage:1.3.0:*:*:*:*:*:*:*\n\n\n \n\n\n"
}
],
"source": {
"advisory": "8DBD000120",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\nIt is recommended to implement and continuously revise least privileges principles to minimize permissions and\naccesses to PCM600 related resources, included the backup file, PCMI/PCMP file.\u003cbr\u003e\u003cbr\u003e Recommended security\npractices and firewall configurations can help protect a process control network from attacks that originate from\noutside the network. Such practices include that process control systems are physically protected from direct\naccess by unauthorized personnel, have no direct connections to the Internet, and are separated from other\nnetworks by means of a firewall system that has a minimal number of ports exposed, and others that have to be\nevaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or\nreceiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses\nbefore they are connected to a control system. \u003cbr\u003e\u003cbr\u003eAn additional recommendation is to follow the hardening guidelines published by \u201cThe Center for Internet Security\n(CIS)\u201d \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisecurity.org/about-us/\"\u003ehttps://www.cisecurity.org/about-us/\u003c/a\u003e to protect the host Operating System.\n\u003cbr\u003e\u003cbr\u003eMore information to deploy PCM600 securely can be found in the following documents:\n1MRS758440, PCM600 Cyber Security Deployment Guideline\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\n\n\nIt is recommended to implement and continuously revise least privileges principles to minimize permissions and\naccesses to PCM600 related resources, included the backup file, PCMI/PCMP file.\n\n Recommended security\npractices and firewall configurations can help protect a process control network from attacks that originate from\noutside the network. Such practices include that process control systems are physically protected from direct\naccess by unauthorized personnel, have no direct connections to the Internet, and are separated from other\nnetworks by means of a firewall system that has a minimal number of ports exposed, and others that have to be\nevaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or\nreceiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses\nbefore they are connected to a control system. \n\nAn additional recommendation is to follow the hardening guidelines published by \u201cThe Center for Internet Security\n(CIS)\u201d https://www.cisecurity.org/about-us/ https://www.cisecurity.org/about-us/ to protect the host Operating System.\n\n\nMore information to deploy PCM600 securely can be found in the following documents:\n1MRS758440, PCM600 Cyber Security Deployment Guideline\n\n\n\n\n\n"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:gms600connectivitypackage:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:gms600connectivitypackage:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:pwc600connectivitypackage:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:pwc600connectivitypackage:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:pwc600connectivitypackage:1.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:pwc600connectivitypackage:1.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:pwc600connectivitypackage:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:sam600ioconnectivitypackage:1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:sam600ioconnectivitypackage:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:sam600ioconnectivitypackage:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:650connectivitypackage:2.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:650connectivitypackage:2.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:650connectivitypackage:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:650connectivitypackage:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:650connectivitypackage:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:670connectivitypackage:3.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:670connectivitypackage:3.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:670connectivitypackage:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:670connectivitypackage:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:670connectivitypackage:3.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:pcm600:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.11",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@hitachienergy.com",
"ID": "CVE-2022-2513"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (ConnPack) credential storage function in Hitachi Energy\u2019s PCM600 product included in the versions listed below, where IEDs credentials are stored in a cleartext format in the PCM600 database. An attacker who manages to get access to the exported backup file can exploit the vulnerability and obtain credentials of the IEDs. The credentials may be used to perform unauthorized modifications such as loading incorrect configurations, reboot the IEDs or cause a denial-of-service on the IEDs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000120\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-12-08T15:25Z",
"publishedDate": "2022-11-22T11:15Z"
}
}
}
Loading...