CVE-2022-2967 - OpenCVE

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Prosysopc	Ua Modbus Server Ua Simulation Server

Configuration 1 [-]

OR	cpe:2.3:a:prosysopc:ua_modbus_server::::::::
	cpe:2.3:a:prosysopc:ua_simulation_server::::::::

No data.

References

Link	Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01
https://www.prosysopc.com/blog/#Security

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-01-03T21:24:21.098Z

Updated: 2024-08-03T00:53:00.627Z

Reserved: 2022-08-23T15:17:49.768Z

Link: CVE-2022-2967

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-01-03T22:15:11.757

Modified: 2023-01-10T16:38:23.107

Link: CVE-2022-2967

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-2967", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2022-08-23T15:17:49.768Z", "datePublished": "2023-01-03T21:24:21.098Z", "dateUpdated": "2024-08-03T00:53:00.627Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "UA Simulation Server", "vendor": "Prosys OPC", "versions": [{"lessThan": "5.3.0-64", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "UA Modbus Server", "vendor": "Prosys OPC", "versions": [{"lessThanOrEqual": "1.4.18-5", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Parvin Kumar, Dr. Sriharsha Etigowni, and Prof. Dongyan Xu of Purdue University West Lafayette reported this vulnerability to CISA."}], "datePublic": "2022-12-15T18:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}], "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-01-03T21:24:21.098Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"}, {"url": "https://www.prosysopc.com/blog/#Security"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Prosys has released updates for the following products:<br>\u2022 UA Simulation Server: Update to v5.4.0<br>\u2022 UA Modbus Server: Update to 1.4.20<br><br>"}], "value": "Prosys has released updates for the following products:\n\u2022 UA Simulation Server: Update to v5.4.0\n\u2022 UA Modbus Server: Update to 1.4.20\n\n"}], "source": {"advisory": "ICSA-22-349-01", "discovery": "EXTERNAL"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n<p>Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:</p>\n\n<ul><li>Restart the application after modifying user passwords.</li>\n</ul><p>For more information, users can refer to the Prosys OPC <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.prosysopc.com/blog/#Security\">security blog</a><span style=\"background-color: var(--wht);\">.</span></p>"}], "value": "Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:\n\n\n\n * Restart the application after modifying user passwords.\n\n\n\nFor more information, users can refer to the Prosys OPC security blog https://www.prosysopc.com/blog/#Security .\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:53:00.627Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01", "tags": ["x_transferred"]}, {"url": "https://www.prosysopc.com/blog/#Security", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:prosysopc:ua_modbus_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBD45F09-929C-4DFC-844D-3AC4E00F4F66", "versionEndExcluding": "1.4.20", "vulnerable": true}, {"criteria": "cpe:2.3:a:prosysopc:ua_simulation_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C7B35D9-620E-45A2-8717-91ACD9FFB3FD", "versionEndExcluding": "5.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}, {"lang": "es", "value": "La versi\u00f3n del servidor de simulaci\u00f3n Prosys OPC UA anterior a la v5.3.0-64 y las versiones del UA Modbus Server 1.4.18-5 y anteriores no protegen suficientemente las credenciales, lo que podr\u00eda permitir a un atacante obtener credenciales de usuario y acceder a los datos del sistema."}], "id": "CVE-2022-2967", "lastModified": "2023-01-10T16:38:23.107", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-01-03T22:15:11.757", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Vendor Advisory"], "url": "https://www.prosysopc.com/blog/#Security"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}