CVE-2022-4780 - Vulnerability Details - OpenCVE

Description

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.

Published: 2022-12-28

Score: 4.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

elvexys

ISOS

unaffected

Version	Status	Constraints
`1.81`	affected	≤ 2.00

Configuration 1 [-]

cpe:2.3:o:elvexys:isos_firmware:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

Vendor Solution

ISOS firmwares from version 2.01 force the user to change the default credentials during the first login. For ISOS fimwares up to version 2.00, the default credentials must be changed by the user as documented in the « Initial staging » and « User access » chapters.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2022-52076	ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00051.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/isos-release-notes/

History

Thu, 10 Apr 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

Elvexys Isos Firmware

MITRE

Status: PUBLISHED

Assigner: NCSC.ch

Published: 2022-12-28T14:21:36.185Z

Updated: 2025-04-10T20:31:03.789Z

Reserved: 2022-12-28T09:17:05.953Z

Link: CVE-2022-4780

Vulnrichment

Updated: 2024-08-03T01:48:40.472Z

NVD

Status : Modified

Published: 2022-12-29T00:15:09.657

Modified: 2024-11-21T07:35:55.720

Link: CVE-2022-4780

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-798

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-4780", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "state": "PUBLISHED", "assignerShortName": "NCSC.ch", "dateReserved": "2022-12-28T09:17:05.953Z", "datePublished": "2022-12-28T14:21:36.185Z", "dateUpdated": "2025-04-10T20:31:03.789Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ISOS", "vendor": "elvexys", "versions": [{"lessThanOrEqual": "2.00", "status": "affected", "version": "1.81", "versionType": "patch"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Damian Pfammatter, Cyber-Defense Campus, armasuisse S+T"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Daniel Hulliger, Cyber-Defense Campus, armasuisse S+T"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "ISOS firmwares from <b>versions 1.81 to 2.00 </b>contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.<br>"}], "value": "ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2022-12-28T23:29:52.525Z"}, "references": [{"tags": ["release-notes"], "url": "https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/isos-release-notes/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "ISOS firmwares from version 2.01 force the user to change the default credentials during the first login.<br>For\n ISOS fimwares up to version 2.00, the default credentials must be \nchanged by the user as documented in the \u00ab Initial staging \u00bb and \u00ab User \naccess \u00bb chapters. "}], "value": "ISOS firmwares from version 2.01 force the user to change the default credentials during the first login.\nFor\n ISOS fimwares up to version 2.00, the default credentials must be \nchanged by the user as documented in the \u00ab Initial staging \u00bb and \u00ab User \naccess \u00bb chapters. "}], "source": {"discovery": "EXTERNAL"}, "title": "hard coded credentials in elvexys ISOS firmwares", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:48:40.472Z"}, "title": "CVE Program Container", "references": [{"tags": ["release-notes", "x_transferred"], "url": "https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/isos-release-notes/"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-10T20:30:46.383689Z", "id": "CVE-2022-4780", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-10T20:31:03.789Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/isos-release-notes/", "tags": ["release-notes", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:48:40.472Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-4780", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-10T20:30:46.383689Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-10T20:30:57.991Z"}}], "cna": {"title": "hard coded credentials in elvexys ISOS firmwares", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Damian Pfammatter, Cyber-Defense Campus, armasuisse S+T"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Daniel Hulliger, Cyber-Defense Campus, armasuisse S+T"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "elvexys", "product": "ISOS", "versions": [{"status": "affected", "version": "1.81", "versionType": "patch", "lessThanOrEqual": "2.00"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "ISOS firmwares from version 2.01 force the user to change the default credentials during the first login.\nFor\n ISOS fimwares up to version 2.00, the default credentials must be \nchanged by the user as documented in the \u00ab Initial staging \u00bb and \u00ab User \naccess \u00bb chapters. ", "supportingMedia": [{"type": "text/html", "value": "ISOS firmwares from version 2.01 force the user to change the default credentials during the first login.<br>For\n ISOS fimwares up to version 2.00, the default credentials must be \nchanged by the user as documented in the \u00ab Initial staging \u00bb and \u00ab User \naccess \u00bb chapters. ", "base64": false}]}], "references": [{"url": "https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/isos-release-notes/", "tags": ["release-notes"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.\n", "supportingMedia": [{"type": "text/html", "value": "ISOS firmwares from <b>versions 1.81 to 2.00 </b>contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2022-12-28T23:29:52.525Z"}}}, "cveMetadata": {"cveId": "CVE-2022-4780", "state": "PUBLISHED", "dateUpdated": "2025-04-10T20:31:03.789Z", "dateReserved": "2022-12-28T09:17:05.953Z", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "datePublished": "2022-12-28T14:21:36.185Z", "assignerShortName": "NCSC.ch"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:elvexys:isos_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D7B2E55-E039-4214-9BD6-7287B4344D3B", "versionEndIncluding": "2.00", "versionStartIncluding": "1.81", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.\n"}, {"lang": "es", "value": "Los firmware ISOS de las versiones 1.81 a 2.00 contienen credenciales codificadas del instalador StreamX integrado que los integradores no est\u00e1n obligados a cambiar."}], "id": "CVE-2022-4780", "lastModified": "2024-11-21T07:35:55.720", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.4, "source": "vulnerability@ncsc.ch", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-29T00:15:09.657", "references": [{"source": "vulnerability@ncsc.ch", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/isos-release-notes/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/isos-release-notes/"}], "sourceIdentifier": "vulnerability@ncsc.ch", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}