GSD-2022-3388
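Vulnerability from gsd - Updated: 2023-12-13 01:19
Details
An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator-level remote code execution irrespective of the authenticated user's role. Both CVSS 3.1 vectors in the record below rate the attack vector as Local (AV:L); the cve.org entry scores 8.8 with scope changed, while the nvd.nist.gov entry scores 7.8 with scope unchanged.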
Aliases
{
"GSD": {
"alias": "CVE-2022-3388",
"id": "GSD-2022-3388"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-3388"
],
"details": "\n\n\nAn input validation vulnerability exists in the Monitor Pro interface of MicroSCADA\nPro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user\u0027s role.\n\n\n\n\n\n",
"id": "GSD-2022-3388",
"modified": "2023-12-13T01:19:39.844543Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@hitachienergy.com",
"ID": "CVE-2022-3388",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MicroSCADA Pro SYS600",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9.0"
}
]
}
},
{
"product_name": "MicroSCADA X SYS600",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0"
}
]
}
}
]
},
"vendor_name": "Hitachi Energy"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\n\n\nAn input validation vulnerability exists in the Monitor Pro interface of MicroSCADA\nPro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user\u0027s role.\n\n\n\n\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-20",
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1",
"refsource": "MISC",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1"
}
]
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For SYS600 9.x: update to at SYS600 version SYS600 9.4 FP2\u0026nbsp;Hotfix 5 when it is released or upgrade to at least SYS600 version 10.4.1.\u003cbr\u003e\n\nA requirement to install SYS600 9.4 FP2 Hotfix 5 is to have at least\nthe SYS600 9.4 FP2 Hotfix 4 installed.\u003cbr\u003e\u003cbr\u003e \n\nCPE:\u0026nbsp;\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:*\n\n\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "For SYS600 9.x: update to at SYS600 version SYS600 9.4 FP2\u00a0Hotfix 5 when it is released or upgrade to at least SYS600 version 10.4.1.\n\n\nA requirement to install SYS600 9.4 FP2 Hotfix 5 is to have at least\nthe SYS600 9.4 FP2 Hotfix 4 installed.\n\n \n\nCPE:\u00a0\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:*\n\n\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nFor SYS600 10.x update to at least SYS600 version 10.4.1\nOr apply general mitigation factors.\u003cbr\u003e\u003cbr\u003e\n\n\nCPE:\u0026nbsp;\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "\nFor SYS600 10.x update to at least SYS600 version 10.4.1\nOr apply general mitigation factors.\n\n\n\n\nCPE:\u00a0\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\n\n"
}
],
"source": {
"advisory": "8DBD000123",
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nRecommended security practices and firewall configurations can help protect a process control network from\nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and\nare separated from other networks by means of a firewall system that has a minimal number of ports exposed,\nand others that have to be evaluated case by case. Process control systems should not be used for Internet\nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be\u0026nbsp;carefully scanned for viruses before they are connected to a control system. Proper password policies and processes should be followed.\nWe recommend following the cybersecurity deployment guideline as follows: 1MRK511518 MicroSCADA X\nCyber Security Deployment Guideline.\n\n\u003cbr\u003e"
}
],
"value": "\nRecommended security practices and firewall configurations can help protect a process control network from\nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and\nare separated from other networks by means of a firewall system that has a minimal number of ports exposed,\nand others that have to be evaluated case by case. Process control systems should not be used for Internet\nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be\u00a0carefully scanned for viruses before they are connected to a control system. Proper password policies and processes should be followed.\nWe recommend following the cybersecurity deployment guideline as follows: 1MRK511518 MicroSCADA X\nCyber Security Deployment Guideline.\n\n\n"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@hitachienergy.com",
"ID": "CVE-2022-3388"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "\n\n\nAn input validation vulnerability exists in the Monitor Pro interface of MicroSCADA\nPro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user\u0027s role.\n\n\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-10-19T05:15Z",
"publishedDate": "2022-11-21T19:15Z"
}
}
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.