CVE-2021-32942 - OpenCVE

The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Aveva	Intouch 2017 Intouch 2020

Configuration 1 [-]

OR	cpe:2.3:a:aveva:intouch_2017:-:update3::::::
	cpe:2.3:a:aveva:intouch_2020:-:::::::*
	cpe:2.3:a:aveva:intouch_2020:r2:::::::*

No data.

References

Link	Providers
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03
https://www.aveva.com/en/support/cyber-security-updates/

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2021-06-09T16:06:26.984385Z

Updated: 2024-09-17T03:17:35.496Z

Reserved: 2021-05-13T00:00:00

Link: CVE-2021-32942

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-06-09T17:15:07.737

Modified: 2022-10-25T19:38:40.993

Link: CVE-2021-32942

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "InTouch", "vendor": "AVEVA", "versions": [{"lessThanOrEqual": "2020 R2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Ilya Karpov, Evgeniy Druzhinin, and Konstantin Kondratev of Rostelecom-Solar reported this vulnerability to AVEVA."}], "datePublic": "2021-06-08T00:00:00", "descriptions": [{"lang": "en", "value": "The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-316", "description": "CLEARTEXT STORAGE OF SENSITIVE INFORMATION IN MEMORY CWE-316", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-09T16:06:26", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03"}, {"tags": ["x_refsource_MISC"], "url": "https://www.aveva.com/en/support/cyber-security-updates/"}], "solutions": [{"lang": "en", "value": "AVEVA recommends organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\nUsers of InTouch 2020 R2 and all prior versions are affected and should first upgrade to one of the versions listed below, then apply the corresponding security update:\n\n InTouch 2020 R2: Update to InTouch 2020 R2 P01\n\nInTouch 2020: Update to Security Update 1216934InTouch 2017 U3 SP1 P01: Update to Security Update 1216933"}], "source": {"advisory": "ICSA-21-159-03 - AVEVA InTouch", "defect": ["CLEARTEXT", "STORAGE", "OF", "SENSITIVE", "INFORMATION", "IN", "MEMORY", "CWE-316"], "discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "2021-06-08T00:00:00.000Z", "ID": "CVE-2021-32942", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "InTouch", "version": {"version_data": [{"version_affected": "<=", "version_value": "2020 R2"}]}}]}, "vendor_name": "AVEVA"}]}}, "credit": [{"lang": "eng", "value": "Ilya Karpov, Evgeniy Druzhinin, and Konstantin Kondratev of Rostelecom-Solar reported this vulnerability to AVEVA."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CLEARTEXT STORAGE OF SENSITIVE INFORMATION IN MEMORY CWE-316"}]}]}, "references": {"reference_data": [{"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03"}, {"name": "https://www.aveva.com/en/support/cyber-security-updates/", "refsource": "MISC", "url": "https://www.aveva.com/en/support/cyber-security-updates/"}]}, "solution": [{"lang": "en", "value": "AVEVA recommends organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.\n\nUsers of InTouch 2020 R2 and all prior versions are affected and should first upgrade to one of the versions listed below, then apply the corresponding security update:\n\n InTouch 2020 R2: Update to InTouch 2020 R2 P01\n\nInTouch 2020: Update to Security Update 1216934InTouch 2017 U3 SP1 P01: Update to Security Update 1216933"}], "source": {"advisory": "ICSA-21-159-03 - AVEVA InTouch", "defect": ["CLEARTEXT", "STORAGE", "OF", "SENSITIVE", "INFORMATION", "IN", "MEMORY", "CWE-316"], "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:33:55.966Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.aveva.com/en/support/cyber-security-updates/"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2021-32942", "datePublished": "2021-06-09T16:06:26.984385Z", "dateReserved": "2021-05-13T00:00:00", "dateUpdated": "2024-09-17T03:17:35.496Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:aveva:intouch_2017:-:update3:*:*:*:*:*:*", "matchCriteriaId": "3B981232-15DD-4AA5-9F13-5908BCC6E56B", "vulnerable": true}, {"criteria": "cpe:2.3:a:aveva:intouch_2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "EADAE6E9-745F-4D31-8D30-AE0291E0E114", "vulnerable": true}, {"criteria": "cpe:2.3:a:aveva:intouch_2020:r2:*:*:*:*:*:*:*", "matchCriteriaId": "DB4919BB-CBEA-4F32-B780-1F382C8934D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location."}, {"lang": "es", "value": "La vulnerabilidad podr\u00eda exponer credenciales en texto sin cifrar de AVEVA InTouch Runtime 2020 R2 y todas las versiones anteriores (WindowViewer) si un usuario autorizado privilegiado crea un volcado de memoria de diagn\u00f3stico del proceso y lo guarda en una ubicaci\u00f3n no protegida"}], "id": "CVE-2021-32942", "lastModified": "2022-10-25T19:38:40.993", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.2, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2021-06-09T17:15:07.737", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-03"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.aveva.com/en/support/cyber-security-updates/"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-316"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}