VDE-2022-012
Vulnerability from csaf_pepperlfuchsse - Published: 2022-04-26 12:00 - Updated: 2022-05-16 14:15
Summary
Pepperl+Fuchs: Vulnerability in multiple VisuNet devices
Notes
Summary: Critical vulnerabilities have been discovered in the utilized component Remote Desktop Client by Microsoft. For more information see: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21990
Impact: Pepperl+Fuchs analyzed and identified affected devices.
In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client. The impact of the vulnerabilities on the affected device may result in:
- code execution
With the products mentioned above, the connection can only be established to RDP servers that have already been preconfigured by the role administrator or engineer. The role operator can therefore not connect to a random RDP server.
Mitigation: The following external protective measures are required:
- Connect only to trusted RDP servers.
- Protect your RDP servers with anti-virus software and an Intrusion Detection System (IDS).
- Restrict access to the RDP servers and to the administrator and engineer roles on the affected device.
Remediation: Install the following firmware with security patches to fix this vulnerability.
For products with Windows 10 LTSB 2016:
RM Image 5 Windows Cumulative Security Patch 03/2022 (KB5011495)
- incl. 2021-09 Servicing Stack Update (KB5005698)
- incl. Microsoft .NET Framework 4.7.2 for x64 (KB4054590)
Link: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-33624
For products with Windows 10 LTSC 2019:
RM Image 5.5 Windows Cumulative Security Patch for LTSC 03/2022 (KB5011503)
- incl. 08/2021 Servicing Stack Update (KB5005112)
Link: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-34182
Please note that the links provided are managed and point to the latest firmware available for VisuNet devices.
Remote Desktop Client Remote Code Execution Vulnerability
8.8 (High)
Mitigation
The following external protective measures are required:
- Connect only to trusted RDP servers.
- Protect your RDP servers with anti-virus software and an Intrusion Detection System (IDS).
- Restrict access to the RDP servers and to the administrator and engineer roles on the affected device.
Vendor Fix
UPDATE A
Solution
Install the following firmware with security patches to fix this vulnerability.
For products with Windows 10 LTSB 2016:
RM Image 5 Windows Cumulative Security Patch 03/2022 (KB5011495)
- incl. 2021-09 Servicing Stack Update (KB5005698)
- incl. Microsoft .NET Framework 4.7.2 for x64 (KB4054590)
Link: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-33624
For products with Windows 10 LTSC 2019:
RM Image 5.5 Windows Cumulative Security Patch for LTSC 03/2022 (KB5011503)
- incl. 08/2021 Servicing Stack Update (KB5005112)
Link: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-34182
Please note that the links provided are managed and point to the latest firmware available for VisuNet devices.
END UPDATE A
References
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Critical vulnerabilities have been discovered in the utilized component Remote Desktop Client by Microsoft.For more information see: https://msrc.microsoft.com/update-guide/vulnerability/CVE- 2022-21990",
"title": "Summary"
},
{
"category": "description",
"text": "Pepperl+Fuchs analyzed and identified affected devices.\nIn the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.The impact of the vulnerabilities on the affected device may result in\n\ncode execution\n\nWith the products mentioned above, the connection can only be established to RDP servers that have already been preconfigured by the role administrator or engineer. The role operator can therefore not connect to a random RDP server.",
"title": "Impact"
},
{
"category": "description",
"text": "The following external protective measured are required:\n\n- Connect only to trusted RDP servers.\n- Protect your RDP servers with anti-virus software and Intrusion Detection System (=IDS)\n- Access control to RDP servers and the role administrator and engineer on the\naffected device.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Install the following firmware with security patches to fix this vulnerability.\nFor products with Windows 10 LTSB 2016:\nRM Image 5 Windows Cumulative Security Patch 03/2022 (KB5011495)\n\n- incl. 2021-09 Servicing Stack Update (KB5005698)\n- incl. Microsoft .NET Framework 4.7.2 for x64 (KB4054590)\n\nLink: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-33624\n\nFor products with Windows 10 LTSC 2019:\nRM Image 5.5 Windows Cumulative Security Patch for LTSC 03/2022 (KB5011503)\n\n- incl. 08/2021 Servicing Stack Update (KB5005112)\n\nLink: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-34182\n\nPlease note that the links provided are managed and point to the latest firmware available\nfor VisuNet devices.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "cert@pepperl-fuchs.com",
"name": "Pepperl+Fuchs SE",
"namespace": "https://www.pepperl-fuchs.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2022-012: Pepperl+Fuchs: Vulnerability in multiple VisuNet devices - HTML",
"url": "https://certvde.com/en/advisories/VDE-2022-012/"
},
{
"category": "self",
"summary": "VDE-2022-012: Pepperl+Fuchs: Vulnerability in multiple VisuNet devices - CSAF",
"url": "https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-012.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.pepperl-fuchs.com"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Pepperl+Fuchs SE",
"url": "https://certvde.com/en/advisories/vendor/pepperl-fuchs/"
}
],
"title": "Pepperl+Fuchs: Vulnerability in multiple VisuNet devices",
"tracking": {
"aliases": [
"VDE-2022-012"
],
"current_release_date": "2022-05-16T14:15:00.000Z",
"generator": {
"date": "2025-06-12T10:42:42.416Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.27"
}
},
"id": "VDE-2022-012",
"initial_release_date": "2022-04-26T12:00:00.000Z",
"revision_history": [
{
"date": "2022-04-26T12:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
},
{
"date": "2022-05-16T14:15:00.000Z",
"number": "1.1.0",
"summary": "Added firmware and security update details for Windows 10 LTSB 2016 and LTSC 2019."
}
],
"status": "final",
"version": "1.1.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "BTC11-*-TS2-*",
"product": {
"name": "Pepperl+Fuchs Software BTC11-*-TS2-*",
"product_id": "CSAFPID-11001"
}
},
{
"category": "product_name",
"name": "BTC11-*-TS3-*",
"product": {
"name": "BTC11-*-TS3-*",
"product_id": "CSAFPID-11002"
}
},
{
"category": "product_name",
"name": "BTC12-*-TS2-*",
"product": {
"name": "BTC12-*-TS2-*",
"product_id": "CSAFPID-11003"
}
},
{
"category": "product_name",
"name": "BTC12-*-TS3-*",
"product": {
"name": "BTC12-*-TS3-*",
"product_id": "CSAFPID-11004"
}
},
{
"category": "product_name",
"name": "BTC14-*-TS2-*",
"product": {
"name": "BTC14-*-TS2-*",
"product_id": "CSAFPID-11005"
}
},
{
"category": "product_name",
"name": "BTC14-*-TS3-*",
"product": {
"name": "BTC14-*-TS3-*",
"product_id": "CSAFPID-11006"
}
},
{
"category": "product_name",
"name": "PAD-EX01P8DZ2EURC0508256WIFRMS",
"product": {
"name": "PAD-EX01P8DZ2EURC0508256WIFRMS",
"product_id": "CSAFPID-11007"
}
},
{
"category": "product_name",
"name": "RM2xx-*-T6-*",
"product": {
"name": "RM2xx-*-T6-*",
"product_id": "CSAFPID-11008"
}
},
{
"category": "product_name",
"name": "RM3207-*-T61-*",
"product": {
"name": "RM3207-*-T61-*",
"product_id": "CSAFPID-11009"
}
},
{
"category": "product_name",
"name": "RM-320S-*-2-*",
"product": {
"name": "RM-320S-*-2-*",
"product_id": "CSAFPID-11010"
}
},
{
"category": "product_name",
"name": "RM32xx-*-T61-*",
"product": {
"name": "RM32xx-*-T61-*",
"product_id": "CSAFPID-11011"
}
},
{
"category": "product_name",
"name": "RM37xx-*-T6-*",
"product": {
"name": "RM37xx-*-T6-*",
"product_id": "CSAFPID-11012"
}
},
{
"category": "product_name",
"name": "RM82xx-*-T61-*",
"product": {
"name": "RM82xx-*-T61-*",
"product_id": "CSAFPID-11013"
}
},
{
"category": "product_name",
"name": "RM87xx-*-T61-*",
"product": {
"name": "RM87xx-*-T61-*",
"product_id": "CSAFPID-11014"
}
},
{
"category": "product_name",
"name": "RM9xx-*-T61-*",
"product": {
"name": "RM9xx-*-T61-*",
"product_id": "CSAFPID-11015"
}
},
{
"category": "product_name",
"name": "RM-GXP-*-T2-*",
"product": {
"name": "RM-GXP-*-T2-*",
"product_id": "CSAFPID-11016"
}
},
{
"category": "product_name",
"name": "RM-GXP-*-T3-*",
"product": {
"name": "Pepperl+Fuchs Hardware RM-GXP-*-T3-*",
"product_id": "CSAFPID-11017"
}
},
{
"category": "product_name",
"name": "UPGRADE-RMSHELL4-TO-SHELL5*",
"product": {
"name": "UPGRADE-RMSHELL4-TO-SHELL5*",
"product_id": "CSAFPID-11018"
}
},
{
"category": "product_name",
"name": "UPGRADE-TO-SHELL5-2019-LTSC*",
"product": {
"name": "UPGRADE-TO-SHELL5-2019-LTSC*",
"product_id": "CSAFPID-11019"
}
}
],
"category": "product_family",
"name": "Hardware"
}
],
"category": "vendor",
"name": "Pepperl+Fuchs"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RM Shell Version 5.x, Windows 10 LTSC 2016",
"product": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016",
"product_id": "CSAFPID-90001"
}
},
{
"category": "product_name",
"name": "RM Shell Version 5.x, Windows 10 LTSC 2019",
"product": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2019",
"product_id": "CSAFPID-90002"
}
}
],
"category": "product_family",
"name": "OS"
}
],
"category": "vendor",
"name": "Windows"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on Pepperl+Fuchs Software BTC11-*-TS2-*",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on BTC11-*-TS3-*",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on BTC12-*-TS2-*",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2019 installed on BTC12-*-TS3-*",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-90002",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on BTC14-*-TS2-*",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2019 installed on BTC14-*-TS3-*",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-90002",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2019 installed on PAD-EX01P8DZ2EURC0508256WIFRMS",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-90002",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on RM2xx-*-T6-*",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on RM3207-*-T61-*",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2019 installed on RM-320S-*-2-*",
"product_id": "CSAFPID-31010"
},
"product_reference": "CSAFPID-90002",
"relates_to_product_reference": "CSAFPID-11010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on RM32xx-*-T61-*",
"product_id": "CSAFPID-31011"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on RM37xx-*-T6-*",
"product_id": "CSAFPID-31012"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on RM82xx-*-T61-*",
"product_id": "CSAFPID-31013"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on RM87xx-*-T61-*",
"product_id": "CSAFPID-31014"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on RM9xx-*-T61-*",
"product_id": "CSAFPID-31015"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on RM-GXP-*-T2-*",
"product_id": "CSAFPID-31016"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2019 installed on Pepperl+Fuchs Hardware RM-GXP-*-T3-*",
"product_id": "CSAFPID-31017"
},
"product_reference": "CSAFPID-90002",
"relates_to_product_reference": "CSAFPID-11017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2016 installed on UPGRADE-RMSHELL4-TO-SHELL5*",
"product_id": "CSAFPID-31018"
},
"product_reference": "CSAFPID-90001",
"relates_to_product_reference": "CSAFPID-11018"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Windows RM Shell Version 5.x, Windows 10 LTSC 2019 installed on UPGRADE-TO-SHELL5-2019-LTSC*",
"product_id": "CSAFPID-31019"
},
"product_reference": "CSAFPID-90002",
"relates_to_product_reference": "CSAFPID-11019"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21990",
"notes": [
{
"category": "description",
"text": "Remote Desktop Client Remote Code Execution Vulnerability",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019"
]
},
"remediations": [
{
"category": "mitigation",
"details": "The following external protective measured are required:\n\n- Connect only to trusted RDP servers.\n- Protect your RDP servers with anti-virus software and Intrusion Detection System (=IDS)\n- Access control to RDP servers and the role administrator and engineer on the\naffected device.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Mitigation\nThe following external protective measured are required:\n\nConnect only to trusted RDP servers.\nProtect your RDP servers with anti-virus software and Intrusion Detection System(=IDS)\nAccess control to RDP servers and the role administrator and engineer on theaffected device.\n\n\nUPDATE ASolution\nInstall the following firmware with security patches to fix this vulnerability.For products with Windows 10 LTSB 2016:RM Image 5 Windows Cumulative Security Patch 03/2022 (KB5011495)\n\nincl. 2021-09 Servicing Stack Update (KB5005698)\nincl. Microsoft .NET Framework 4.7.2 for x64 (KB4054590)\n\nLink: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-33624\nFor products with Windows 10 LTSC 2019:RM Image 5.5 Windows Cumulative Security Patch for LTSC 03/2022 (KB5011503)\n\nincl. 08/2021 Servicing Stack Update (KB5005112)\n\nLink: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-34182\nPlease note that the links provided are managed and point to the latest firmware availablefor VisuNet devices.END UPDATE A",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009",
"CSAFPID-31010",
"CSAFPID-31011",
"CSAFPID-31012",
"CSAFPID-31013",
"CSAFPID-31014",
"CSAFPID-31015",
"CSAFPID-31016",
"CSAFPID-31017",
"CSAFPID-31018",
"CSAFPID-31019"
]
}
],
"title": "CVE-2022-21990"
}
]
}