CVE-2022-1596 - OpenCVE

Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Abb	Rex640 Pcl1 Rex640 Pcl1 Firmware Rex640 Pcl2 Rex640 Pcl2 Firmware Rex640 Pcl3 Rex640 Pcl3 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:abb:rex640_pcl1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:rex640_pcl1:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:abb:rex640_pcl2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:rex640_pcl2:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:abb:rex640_pcl3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:rex640_pcl3:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421

History

No history.

MITRE

Status: PUBLISHED

Assigner: ABB

Published: 2022-06-21T14:23:42.343945Z

Updated: 2024-09-16T23:11:43.087Z

Reserved: 2022-05-05T00:00:00

Link: CVE-2022-1596

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-06-21T15:15:08.247

Modified: 2022-06-29T14:27:08.583

Link: CVE-2022-1596

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "REX640 PCL1", "vendor": "ABB", "versions": [{"lessThanOrEqual": "1.0.7", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "REX640 PCL2", "vendor": "ABB", "versions": [{"lessThan": "1.1.4", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "REX640 PCL3", "vendor": "ABB", "versions": [{"lessThan": "1.2.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG's OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers."}], "datePublic": "2022-06-21T00:00:00", "descriptions": [{"lang": "en", "value": "Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-06-21T14:23:42", "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"}], "source": {"discovery": "UNKNOWN"}, "title": "ABB Relion REX640 Insufficient file access control", "workarounds": [{"lang": "en", "value": "Although these workarounds will not correct the underlying vulnerability, they can help blocking known \nattack vectors. \n\u2022 Limit the HTTP(s) and FTP(S) to a local network by a firewall\n\u2022 Use a next generation (OSI layer 7) firewall for blocking the traffic to the userdb.xml file\n\u2022 Disable remote WHMI and FTP(S) and use local HMI only"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@ch.abb.com", "DATE_PUBLIC": "2022-06-21T12:22:00.000Z", "ID": "CVE-2022-1596", "STATE": "PUBLIC", "TITLE": "ABB Relion REX640 Insufficient file access control"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "REX640 PCL1", "version": {"version_data": [{"version_affected": "<=", "version_value": "1.0.7"}]}}, {"product_name": "REX640 PCL2", "version": {"version_data": [{"version_affected": "<", "version_value": "1.1.4"}]}}, {"product_name": "REX640 PCL3", "version": {"version_data": [{"version_affected": "<", "version_value": "1.2.1"}]}}]}, "vendor_name": "ABB"}]}}, "credit": [{"lang": "eng", "value": "ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG's OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}]}, "references": {"reference_data": [{"name": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421", "refsource": "MISC", "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"}]}, "source": {"discovery": "UNKNOWN"}, "work_around": [{"lang": "en", "value": "Although these workarounds will not correct the underlying vulnerability, they can help blocking known \nattack vectors. \n\u2022 Limit the HTTP(s) and FTP(S) to a local network by a firewall\n\u2022 Use a next generation (OSI layer 7) firewall for blocking the traffic to the userdb.xml file\n\u2022 Disable remote WHMI and FTP(S) and use local HMI only"}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:10:03.785Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"}]}]}, "cveMetadata": {"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "assignerShortName": "ABB", "cveId": "CVE-2022-1596", "datePublished": "2022-06-21T14:23:42.343945Z", "dateReserved": "2022-05-05T00:00:00", "dateUpdated": "2024-09-16T23:11:43.087Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abb:rex640_pcl1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9157F421-659A-4EE8-8622-58C6928A0FB5", "versionEndIncluding": "1.0.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abb:rex640_pcl1:-:*:*:*:*:*:*:*", "matchCriteriaId": "9256FAAB-77CF-482C-B736-FC99885C89D7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abb:rex640_pcl2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBE1B4D1-27C7-4EA9-ADA5-A7FE42E04FF6", "versionEndExcluding": "1.1.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abb:rex640_pcl2:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE78102B-C672-4969-8B82-FE5ACE2FFC71", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abb:rex640_pcl3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3973E21-DF2C-47BB-8C03-6FA027018873", "versionEndExcluding": "1.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abb:rex640_pcl3:-:*:*:*:*:*:*:*", "matchCriteriaId": "90916E18-27EF-46C7-979B-19D53F901CC7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node."}, {"lang": "es", "value": "Una vulnerabilidad de Asignaci\u00f3n incorrecta de permisos para recursos cr\u00edticos en ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 permite a un atacante autenticado lanzar un ataque contra el archivo de la base de datos del usuario e intentar tomar el control de un nodo del sistema afectado"}], "id": "CVE-2022-1596", "lastModified": "2022-06-29T14:27:08.583", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}, "published": "2022-06-21T15:15:08.247", "references": [{"source": "cybersecurity@ch.abb.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"}], "sourceIdentifier": "cybersecurity@ch.abb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-732"}], "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}