CVE-2022-2334 - Vulnerability Details - OpenCVE

ReportizFlow

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Softing	Edgeaggregator Edgeconnector Opc Opc Ua C\+\+ Software Development Kit Secure Integration Server Uagates

Configuration 1 [-]

OR	cpe:2.3:a:softing:edgeaggregator:3.1:::::::*
	cpe:2.3:a:softing:edgeconnector:3.1:::::::*
	cpe:2.3:a:softing:opc:5.2:::::::*
	cpe:2.3:a:softing:opc_ua_c\+\+_software_development_kit:6:::::::*
	cpe:2.3:a:softing:secure_integration_server:1.22:::::::*
	cpe:2.3:a:softing:uagates:1.74:::::::*

No data.

References

Link	Providers
https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-08-17T20:11:17

Updated: 2024-08-03T00:32:09.402Z

Reserved: 2022-07-06T00:00:00

Link: CVE-2022-2334

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-17T21:15:08.973

Modified: 2024-11-21T07:00:47.390

Link: CVE-2022-2334

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Secure Integration Server", "vendor": "Softing", "versions": [{"status": "affected", "version": "V1.22"}]}], "credits": [{"lang": "en", "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."}], "descriptions": [{"lang": "en", "value": "The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-427", "description": "CWE-427: Uncontrolled Search Path Element", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-17T20:11:17", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"}], "solutions": [{"lang": "en", "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."}], "source": {"discovery": "EXTERNAL"}, "title": "Softing Secure Integration Server Uncontrolled Search Path Element", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2022-2334", "STATE": "PUBLIC", "TITLE": "Softing Secure Integration Server Uncontrolled Search Path Element"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Secure Integration Server", "version": {"version_data": [{"version_affected": "=", "version_value": "V1.22"}]}}]}, "vendor_name": "Softing"}]}}, "credit": [{"lang": "eng", "value": "Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-427: Uncontrolled Search Path Element"}]}]}, "references": {"reference_data": [{"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04", "refsource": "CONFIRM", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"}, {"name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html", "refsource": "CONFIRM", "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"}]}, "solution": [{"lang": "en", "value": "Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."}], "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:32:09.402Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-2334", "datePublished": "2022-08-17T20:11:17", "dateReserved": "2022-07-06T00:00:00", "dateUpdated": "2024-08-03T00:32:09.402Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:softing:edgeaggregator:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C0E07A55-5FA0-402D-BB22-FA8D3D8C484D", "vulnerable": true}, {"criteria": "cpe:2.3:a:softing:edgeconnector:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "62FE322E-A720-4E08-9058-3BAC295E720B", "vulnerable": true}, {"criteria": "cpe:2.3:a:softing:opc:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9916828-8213-47D4-B294-8112B241F32C", "vulnerable": true}, {"criteria": "cpe:2.3:a:softing:opc_ua_c\\+\\+_software_development_kit:6:*:*:*:*:*:*:*", "matchCriteriaId": "BA185EBD-8048-4B1C-A476-4AE61831ACF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:softing:secure_integration_server:1.22:*:*:*:*:*:*:*", "matchCriteriaId": "0BF8EC24-9C94-4C55-A496-5DD524B981C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:softing:uagates:1.74:*:*:*:*:*:*:*", "matchCriteriaId": "2DD68DEC-1E1C-456F-8FC2-F3EF9A72B012", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22."}, {"lang": "es", "value": "La aplicaci\u00f3n busca una biblioteca dll que no es encontrada. Si un atacante puede colocar una dll con este nombre, entonces el atacante puede aprovecharla para ejecutar c\u00f3digo arbitrario en Softing Secure Integration Server versi\u00f3n V1.22 objetivo."}], "id": "CVE-2022-2334", "lastModified": "2024-11-21T07:00:47.390", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2022-08-17T21:15:08.973", "references": [{"source": "[email protected]", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"}, {"source": "[email protected]", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "[email protected]", "type": "Secondary"}]}