VDE-2022-023
Vulnerability from csaf_trumpfsecokg - Published: 2022-10-17 10:00 - Updated: 2022-10-17 10:00
Summary
TRUMPF TruTops prone to improper access control
Notes
Summary: During the installation of specific TRUMPF Windows applications, privileged local user accounts with default usernames and passwords are created. An adversary could use these accounts to access and compromise the affected Windows systems and, under certain circumstances, other network resources.
Impact: Privileged local users with default usernames and passwords can be used to access and compromise affected Windows PCs and possibly other network resources.
Remediation: Please contact your TRUMPF Service with the PR number 496330.
9.8 (Critical)
Vendor Fix
Please contact your TRUMPF Service with the PR number 496330.
References
Acknowledgments
CERTVDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERTVDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "During the installation of specific TRUMPF Windows applications, privileged local users with default usernames and passwords are created. An adversary could use these users to access and compromise the affected Windows systems and, under certain circumstances, other network resources.",
"title": "Summary"
},
{
"category": "description",
"text": "Privileged local users with default usernames and passwords can be used to access and compromise affected Windows PCs and possibly other network resources.",
"title": "Impact"
},
{
"category": "description",
"text": "Please contact your TRUMPF Service with the PR number 496330.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "product.security@trumpf.com",
"name": "Trumpf SE + Co. KG",
"namespace": "https://www.trumpf.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2022-023: TRUMPF TruTops prone to improper access control - HTML",
"url": "https://certvde.com/de/advisories/VDE-2022-023/"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for TRUMPF",
"url": "https://certvde.com/en/advisories/vendor/trumpf/"
},
{
"category": "self",
"summary": "VDE-2022-023: TRUMPF TruTops prone to improper access control - CSAF",
"url": "https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-023.json"
}
],
"title": "TRUMPF TruTops prone to improper access control",
"tracking": {
"aliases": [
"VDE-2022-023"
],
"current_release_date": "2022-10-17T10:00:00.000Z",
"generator": {
"date": "2025-03-26T12:19:53.373Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.21"
}
},
"id": "VDE-2022-023",
"initial_release_date": "2022-10-17T10:00:00.000Z",
"revision_history": [
{
"date": "2022-10-17T10:00:00.000Z",
"number": "1",
"summary": "initial revision"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Job Order Interface",
"product": {
"name": "Job Order Interface",
"product_id": "CSAFPID-11001"
}
},
{
"category": "product_name",
"name": "Oseon",
"product": {
"name": "Oseon",
"product_id": "CSAFPID-11002"
}
},
{
"category": "product_name",
"name": "TruTops Boost with option Graphic separation of cut parts",
"product": {
"name": "TruTops Boost with option Graphic separation of cut parts",
"product_id": "CSAFPID-11003"
}
},
{
"category": "product_name",
"name": "TruTops Boost with option Inventory of sheets and remainder sheets",
"product": {
"name": "TruTops Boost with option Inventory of sheets and remainder sheets",
"product_id": "CSAFPID-11004"
}
},
{
"category": "product_name",
"name": "TruTops Fab",
"product": {
"name": "TruTops Fab",
"product_id": "CSAFPID-11005"
}
},
{
"category": "product_name",
"name": "TruTops Monitor",
"product": {
"name": "TruTops Monitor",
"product_id": "CSAFPID-11006"
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "Firmware vers:all/*",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "\u003c=1.6",
"product": {
"name": "Firmware \u003c=1.6",
"product_id": "CSAFPID-21002"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "TRUMPF Werkzeugmaschinen SE + Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006"
],
"summary": "affected products"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Job Order Interface",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=1.6 installed on Oseon",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on TruTops Boost with option Graphic separation of cut parts",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on TruTops Boost with option Inventory of sheets and remainder sheets",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on TruTops Fab",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on TruTops Monitor",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11006"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2052",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "summary",
"text": "Multiple Trumpf Products in multiple versions use default privileged Windows users and passwords. An adversary may use these accounts to remotely gain full access to the system."
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Please contact your TRUMPF Service with the PR number 496330.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006"
]
}
],
"title": "CVE-2022-2052"
}
]
}
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.