CVE-2022-2485 - Vulnerability Details

Any attempt (good or bad) to log into AutomationDirect Stride Field I/O with a web browser may result in the device responding with its password in the communication packets.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00107.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Automationdirect	Sio-mb04ads Sio-mb04ads Firmware Sio-mb04das Sio-mb04das Firmware Sio-mb04rtds Sio-mb04rtds Firmware Sio-mb04thms Sio-mb04thms Firmware Sio-mb08ads-1 Sio-mb08ads-1 Firmware Sio-mb08ads-2 Sio-mb08ads-2 Firmware Sio-mb08thms Sio-mb08thms Firmware Sio-mb12cdr Sio-mb12cdr Firmware Sio-mb16cdd2 Sio-mb16cdd2 Firmware Sio-mb16nd3 Sio-mb16nd3 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:automationdirect:sio-mb04rtds_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb04rtds:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:automationdirect:sio-mb04ads_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb04ads:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:automationdirect:sio-mb04thms_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb04thms:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:automationdirect:sio-mb08ads-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb08ads-1:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:automationdirect:sio-mb08ads-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb08ads-2:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:automationdirect:sio-mb08thms_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb08thms:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:automationdirect:sio-mb04das_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb04das:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:automationdirect:sio-mb12cdr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb12cdr:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:automationdirect:sio-mb16cdd2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb16cdd2:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:automationdirect:sio-mb16nd3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:sio-mb16nd3:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2022-34744	Any attempt (good or bad) to log into AutomationDirect Stride Field I/O with a web browser may result in the device responding with its password in the communication packets.

Fixes

Solution

AutomationDirect recommends users upgrade the Stride Modbus Field I/O units listed in the affected products section with the firmware associated with the part number. Firmware can be downloaded from the AutomationDirect software downloads page. The modules with a listed B/N number in the affected products section have a firmware update issue and must be returned to AutomationDirect for replacement modules; users can create an RMA on the AutomationDirect website. Automation networks and systems may have built-in password protection schemes, but this is only one step in securing systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products and SCADA systems perform their own network security analysis to determine the proper level of security required for their application. See AutomationDirect product advisory number PA-COM-006 for more information.

Workaround

AutomationDirect has identified the specific mitigation actions listed below: Secure physical access. Isolate and air gap networks when possible. Follow the security considerations in the Automation Direct Security Considerations document. https://support.automationdirect.com/docs/securityconsiderations.pdf

References

Link	Providers
https://cdn.automationdirect.com/static/firmware/product_advisory/PA-COM-006.pdf
https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-05

History

Wed, 16 Apr 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-08-31T15:59:34.000Z

Updated: 2025-04-16T17:49:04.112Z

Reserved: 2022-07-19T00:00:00.000Z

Link: CVE-2022-2485

Vulnrichment

Updated: 2024-08-03T00:39:07.846Z

NVD

Status : Modified

Published: 2022-08-31T16:15:10.993

Modified: 2024-11-21T07:01:05.557

Link: CVE-2022-2485

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object