Vulnerabilities related to Rockwell Automation - ISaGRAF Workbench
CVE-2022-2463 (GCVE-0-2022-2463)
Vulnerability from cvelistv5
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03 | x_refsource_MISC |
Vendor | Product | Version | ||
---|---|---|---|---|
Rockwell Automation | ISaGRAF Workbench |
Version: 6.0 through 6.6.9 (inclusive) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:07.530Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-2463", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-16T15:50:23.030384Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-16T16:11:52.314Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ISaGRAF Workbench", "vendor": "Rockwell Automation", "versions": [ { "lessThanOrEqual": "6.6.9", "status": "affected", "version": "6.0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA." } ], "descriptions": [ { "lang": "en", "value": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-25T17:24:53.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ], "source": { "discovery": "UNKNOWN" }, "title": "ISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) CWE-22", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2022-2463", "STATE": "PUBLIC", "TITLE": "ISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) CWE-22" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ISaGRAF Workbench", "version": { "version_data": [ { "version_affected": "\u003c=", "version_name": "6.0", "version_value": "6.6.9" } ] } } ] }, "vendor_name": "Rockwell Automation" } ] } }, "credit": [ { "lang": "eng", "value": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. 
A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03", "refsource": "MISC", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-2463", "datePublished": "2022-08-25T17:24:53.000Z", "dateReserved": "2022-07-18T00:00:00.000Z", "dateUpdated": "2025-04-16T16:11:52.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-1118 (GCVE-0-2022-1118)
Vulnerability from cvelistv5
- CWE-502 - Deserialization of Untrusted Data
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01 | x_refsource_MISC |
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
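Rockwell Automation | Connected Component Workbench |
Version: All versions through v13.00.00 (inclusive) |
Rockwell Automation | ISaGRAF Workbench |
Version: All v6.0 through v6.6.9 |
Rockwell Automation | Safety Instrumented Systems Workstation |
Version: All versions through v1.2 (for Trusted Controllers) |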
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:55:23.946Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-1118", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-16T17:29:15.658155Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-16T17:54:25.317Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Connected Component Workbench", "vendor": "Rockwell Automation", "versions": [ { "lessThanOrEqual": "v13.00.00", "status": "affected", "version": "All ", "versionType": "custom" } ] }, { "product": "ISaGRAF Workbench", "vendor": "Rockwell Automation", "versions": [ { "status": "affected", "version": "All v6.0 through v6.6.9" } ] }, { "product": "Safety Instrumented Systems Workstation", "vendor": "Rockwell Automation", "versions": [ { "lessThanOrEqual": "v1.2 (for Trusted Controllers)", "status": "affected", "version": "All", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. 
This vulnerability requires user interaction to be successfully exploited" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-17T19:47:10.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01" } ], "source": { "advisory": "ICSA-22-095-01", "discovery": "UNKNOWN" }, "title": "Rockwell Automation ISaGRAF Deserialization of Untrusted Data", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2022-1118", "STATE": "PUBLIC", "TITLE": "Rockwell Automation ISaGRAF Deserialization of Untrusted Data" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Connected Component Workbench", "version": { "version_data": [ { "version_affected": "\u003c=", "version_name": "All ", "version_value": "v13.00.00" } ] } }, { "product_name": "ISaGRAF Workbench", "version": { "version_data": [ { "version_affected": "=", "version_name": "All", "version_value": "v6.0 through v6.6.9" } ] } }, { "product_name": "Safety Instrumented Systems Workstation", "version": { "version_data": [ { "version_affected": "\u003c=", "version_name": "All", "version_value": "v1.2 (for Trusted Controllers)" } ] } } ] }, "vendor_name": "Rockwell Automation" } ] } }, "data_format": "MITRE", "data_type": "CVE", 
"data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited" } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-502 Deserialization of Untrusted Data" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01", "refsource": "MISC", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01" } ] }, "source": { "advisory": "ICSA-22-095-01", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-1118", "datePublished": "2022-05-17T19:47:10.000Z", "dateReserved": "2022-03-28T00:00:00.000Z", "dateUpdated": "2025-04-16T17:54:25.317Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-2464 (GCVE-0-2022-2464)
Vulnerability from cvelistv5
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03 | x_refsource_MISC |
Vendor | Product | Version | ||
---|---|---|---|---|
Rockwell Automation | ISaGRAF Workbench |
Version: 6.0 through 6.6.9 (inclusive) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:07.551Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-2464", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-16T17:27:56.423560Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-16T17:50:01.212Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ISaGRAF Workbench", "vendor": "Rockwell Automation", "versions": [ { "lessThanOrEqual": "6.6.9", "status": "affected", "version": "6.0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA." } ], "descriptions": [ { "lang": "en", "value": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-25T17:24:59.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ], "source": { "discovery": "UNKNOWN" }, "title": "ISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) CWE-22", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2022-2464", "STATE": "PUBLIC", "TITLE": "ISaGRAF Workbench Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) CWE-22" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ISaGRAF Workbench", "version": { "version_data": [ { "version_affected": "\u003c=", "version_name": "6.0", "version_value": "6.6.9" } ] } } ] }, "vendor_name": "Rockwell Automation" } ] } }, "credit": [ { "lang": "eng", "value": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. 
Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03", "refsource": "MISC", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-2464", "datePublished": "2022-08-25T17:24:59.000Z", "dateReserved": "2022-07-18T00:00:00.000Z", "dateUpdated": "2025-04-16T17:50:01.212Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-2465 (GCVE-0-2022-2465)
Vulnerability from cvelistv5
- CWE-502 - Deserialization of Untrusted Data
▼ | URL | Tags |
---|---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03 | x_refsource_MISC |
Vendor | Product | Version | ||
---|---|---|---|---|
Rockwell Automation | ISaGRAF Workbench |
Version: 6.0 through 6.6.9 (inclusive) |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T00:39:07.767Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-2465", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-16T17:27:53.755145Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-16T17:49:53.570Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "ISaGRAF Workbench", "vendor": "Rockwell Automation", "versions": [ { "lessThanOrEqual": "6.6.9", "status": "affected", "version": "6.0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA." } ], "descriptions": [ { "lang": "en", "value": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-25T17:25:07.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ], "source": { "discovery": "UNKNOWN" }, "title": "ISaGRAF Workbench Deserialization of Untrusted Data CWE-502", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2022-2465", "STATE": "PUBLIC", "TITLE": "ISaGRAF Workbench Deserialization of Untrusted Data CWE-502" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "ISaGRAF Workbench", "version": { "version_data": [ { "version_affected": "\u003c=", "version_name": "6.0", "version_value": "6.6.9" } ] } } ] }, "vendor_name": "Rockwell Automation" } ] } }, "credit": [ { "lang": "eng", "value": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. 
This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-502 Deserialization of Untrusted Data" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03", "refsource": "MISC", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2022-2465", "datePublished": "2022-08-25T17:25:07.000Z", "dateReserved": "2022-07-18T00:00:00.000Z", "dateUpdated": "2025-04-16T17:49:53.570Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-202207-1550
Vulnerability from variot
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful. It may also result in a denial-of-service (DoS) state.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-1550", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "isagraf workbench", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.6.9" }, { "model": "isagraf workbench", "scope": "gte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.0" }, { "model": "isagraf workbench", "scope": "eq", "trust": 0.8, "vendor": "rockwell automation", "version": null }, { 
"model": "isagraf workbench", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "isagraf workbench", "scope": "eq", "trust": 0.8, "vendor": "rockwell automation", "version": "6.0 to 6.6.9" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "db": "NVD", "id": "CVE-2022-2464" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2126" } ], "trust": 0.6 }, "cve": "CVE-2022-2464", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-2464", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "HIGH", "attackVector": "LOCAL", "author": "ics-cert@hq.dhs.gov", 
"availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.0, "id": "CVE-2022-2464", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-2464", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-2464", "trust": 1.0, "value": "HIGH" }, { "author": "ics-cert@hq.dhs.gov", "id": "CVE-2022-2464", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2022-2464", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202207-2126", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "db": "CNNVD", "id": "CNNVD-202207-2126" }, { "db": "NVD", "id": "CVE-2022-2464" }, { "db": "NVD", "id": "CVE-2022-2464" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. 
User interaction is required for this exploit to be successful. (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2022-2464" }, { "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "db": "VULHUB", "id": "VHN-427810" }, { "db": "VULMON", "id": "CVE-2022-2464" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-2464", "trust": 3.4 }, { "db": "ICS CERT", "id": "ICSA-22-202-03", "trust": 2.6 }, { "db": "JVN", "id": "JVNVU95712880", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-015410", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.3567", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072218", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202207-2126", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-427810", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2022-2464", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-427810" }, { "db": "VULMON", "id": "CVE-2022-2464" }, { "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "db": "CNNVD", "id": "CNNVD-202207-2126" }, { "db": "NVD", "id": "CVE-2022-2464" } ] }, "id": "VAR-202207-1550", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-427810" } ], "trust": 0.01 }, "last_update_date": "2024-08-14T13:53:10.531000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Rockwell Automation ISaGRAF Workbench Repair measures for path traversal vulnerabilities", "trust": 0.6, "url": 
"http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=201002" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2126" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-22", "trust": 1.1 }, { "problemtype": "Path traversal (CWE-22) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-427810" }, { "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "db": "NVD", "id": "CVE-2022-2464" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu95712880/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2464" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-2464/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-202-03" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3567" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072218" } ], "sources": [ { "db": "VULHUB", "id": "VHN-427810" }, { "db": "VULMON", "id": "CVE-2022-2464" }, { "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "db": "CNNVD", "id": "CNNVD-202207-2126" }, { "db": "NVD", "id": "CVE-2022-2464" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-427810" }, { "db": "VULMON", "id": "CVE-2022-2464" }, { "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "db": "CNNVD", "id": "CNNVD-202207-2126" }, { "db": "NVD", "id": "CVE-2022-2464" } ] }, "sources_release_date": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-25T00:00:00", "db": "VULHUB", "id": "VHN-427810" }, { "date": "2023-09-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "date": "2022-07-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-2126" }, { "date": "2022-08-25T18:15:10.143000", "db": "NVD", "id": "CVE-2022-2464" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-27T00:00:00", "db": "VULHUB", "id": "VHN-427810" }, { "date": "2023-09-26T08:28:00", "db": "JVNDB", "id": "JVNDB-2022-015410" }, { "date": "2022-08-29T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-2126" }, { "date": "2022-08-27T03:29:27.817000", "db": "NVD", "id": "CVE-2022-2464" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2126" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Rockwell\u00a0Automation\u00a0 of \u00a0ISaGRAF\u00a0Workbench\u00a0 Past traversal vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015410" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "path traversal", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2126" } ], "trust": 0.6 } }
var-202207-1552
Vulnerability from variot
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when the file is opened. If the software is running at the SYSTEM level, the attacker will gain administrator-level privileges. User interaction is required for this exploit to be successful. The affected software may also be left in a denial-of-service (DoS) state.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-1552", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "isagraf workbench", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.6.9" }, { "model": "isagraf workbench", "scope": "gte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.0" }, { "model": "isagraf workbench", "scope": "eq", "trust": 0.8, "vendor": "rockwell automation", "version": null }, { 
"model": "isagraf workbench", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "isagraf workbench", "scope": "eq", "trust": 0.8, "vendor": "rockwell automation", "version": "6.0 to 6.6.9" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "db": "NVD", "id": "CVE-2022-2463" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2125" } ], "trust": 0.6 }, "cve": "CVE-2022-2463", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-2463", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ics-cert@hq.dhs.gov", 
"availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 1.8, "id": "CVE-2022-2463", "impactScore": 3.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-2463", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-2463", "trust": 1.0, "value": "HIGH" }, { "author": "ics-cert@hq.dhs.gov", "id": "CVE-2022-2463", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2022-2463", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202207-2125", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "db": "CNNVD", "id": "CNNVD-202207-2125" }, { "db": "NVD", "id": "CVE-2022-2463" }, { "db": "NVD", "id": "CVE-2022-2463" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. 
(DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2022-2463" }, { "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "db": "VULHUB", "id": "VHN-427811" }, { "db": "VULMON", "id": "CVE-2022-2463" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-2463", "trust": 3.4 }, { "db": "ICS CERT", "id": "ICSA-22-202-03", "trust": 2.6 }, { "db": "JVN", "id": "JVNVU95712880", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-015411", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.3567", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072218", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202207-2125", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-427811", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2022-2463", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-427811" }, { "db": "VULMON", "id": "CVE-2022-2463" }, { "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "db": "CNNVD", "id": "CNNVD-202207-2125" }, { "db": "NVD", "id": "CVE-2022-2463" } ] }, "id": "VAR-202207-1552", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-427811" } ], "trust": 0.01 }, "last_update_date": "2024-08-14T13:53:10.503000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Rockwell Automation ISaGRAF Workbench Repair measures for path traversal vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=201001" } ], "sources": [ { "db": "CNNVD", 
"id": "CNNVD-202207-2125" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-22", "trust": 1.1 }, { "problemtype": "Path traversal (CWE-22) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-427811" }, { "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "db": "NVD", "id": "CVE-2022-2463" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu95712880/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2463" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-2463/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-202-03" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3567" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072218" } ], "sources": [ { "db": "VULHUB", "id": "VHN-427811" }, { "db": "VULMON", "id": "CVE-2022-2463" }, { "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "db": "CNNVD", "id": "CNNVD-202207-2125" }, { "db": "NVD", "id": "CVE-2022-2463" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-427811" }, { "db": "VULMON", "id": "CVE-2022-2463" }, { "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "db": "CNNVD", "id": "CNNVD-202207-2125" }, { "db": "NVD", "id": "CVE-2022-2463" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, 
"data": [ { "date": "2022-08-25T00:00:00", "db": "VULHUB", "id": "VHN-427811" }, { "date": "2023-09-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "date": "2022-07-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-2125" }, { "date": "2022-08-25T18:15:10.067000", "db": "NVD", "id": "CVE-2022-2463" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-27T00:00:00", "db": "VULHUB", "id": "VHN-427811" }, { "date": "2023-09-26T08:28:00", "db": "JVNDB", "id": "JVNDB-2022-015411" }, { "date": "2022-08-29T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-2125" }, { "date": "2022-08-27T03:27:36.947000", "db": "NVD", "id": "CVE-2022-2463" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2125" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Rockwell\u00a0Automation\u00a0 of \u00a0ISaGRAF\u00a0Workbench\u00a0 Past traversal vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015411" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "path traversal", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2125" } ], "trust": 0.6 } }
var-202203-1574
Vulnerability from variot
When a user opens a malicious solution file provided by an attacker, the application is exposed to an XML external entity (XXE) vulnerability caused by an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality. Rockwell Automation ISaGRAF is an automation software technology developed by Rockwell Automation in the United States for creating integrated automation solutions. It is designed to be scalable and portable, suitable for developing small controllers and large distributed automation systems.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202203-1574", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "safety instrumented systems workstation", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "1.1" }, { "model": "isagraf", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.6.9" }, { "model": "connected components workbench", "scope": "lte", "trust": 1.0, "vendor": 
"rockwellautomation", "version": "12.0" }, { "model": "connected components workbench", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "isagraf workbench", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "safety instrumented systems workstation", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "db": "NVD", "id": "CVE-2022-1018" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "kimiya of Trend Micro\u2019s Zero Day Initiative reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-2478" } ], "trust": 0.6 }, "cve": "CVE-2022-1018", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2022-1018", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.0, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, { 
"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-417838", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-1018", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "OTHER", "availabilityImpact": "None", "baseScore": 5.5, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2022-001497", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-1018", "trust": 1.0, "value": "MEDIUM" }, { "author": "ics-cert@hq.dhs.gov", "id": "CVE-2022-1018", "trust": 1.0, "value": "MEDIUM" }, { "author": "OTHER", "id": "JVNDB-2022-001497", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202203-2478", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-417838", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-417838" }, { "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "db": "CNNVD", "id": "CNNVD-202203-2478" }, { "db": "NVD", "id": "CVE-2022-1018" }, { "db": "NVD", "id": "CVE-2022-1018" } ] 
}, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality. Rockwell Automation ISaGRAF is an automation software technology developed by Rockwell Automation in the United States for creating integrated automation solutions. It is designed to be scalable and portable, suitable for developing small controllers and large distributed automation systems", "sources": [ { "db": "NVD", "id": "CVE-2022-1018" }, { "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "db": "VULHUB", "id": "VHN-417838" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "ICS CERT", "id": "ICSA-22-088-01", "trust": 2.5 }, { "db": "NVD", "id": "CVE-2022-1018", "trust": 2.5 }, { "db": "JVN", "id": "JVNVU95792273", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-001497", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202203-2478", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2022.1331", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022033008", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-417838", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-417838" }, { "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "db": "CNNVD", "id": "CNNVD-202203-2478" }, { "db": "NVD", "id": "CVE-2022-1018" } ] }, "id": "VAR-202203-1574", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": 
{ "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-417838" } ], "trust": 0.58214287 }, "last_update_date": "2024-11-23T23:03:54.406000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "VERSIONS Rockwell\u00a0Automation", "trust": 0.8, "url": "https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026mode=3\u0026refSoft=1\u0026versions=59954" }, { "title": "Rockwell Automation ISaGRAF Fixes for code issue vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=187203" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "db": "CNNVD", "id": "CNNVD-202203-2478" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-611", "trust": 1.1 }, { "problemtype": "XML Improper restriction of external entity references (CWE-611) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-417838" }, { "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "db": "NVD", "id": "CVE-2022-1018" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu95792273/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.1331" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-088-01" }, { "trust": 0.6, "url": 
"https://www.cybersecurity-help.cz/vdb/sb2022033008" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-1018/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-417838" }, { "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "db": "CNNVD", "id": "CNNVD-202203-2478" }, { "db": "NVD", "id": "CVE-2022-1018" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-417838" }, { "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "db": "CNNVD", "id": "CNNVD-202203-2478" }, { "db": "NVD", "id": "CVE-2022-1018" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-04-01T00:00:00", "db": "VULHUB", "id": "VHN-417838" }, { "date": "2022-03-31T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "date": "2022-03-29T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-2478" }, { "date": "2022-04-01T23:15:12.177000", "db": "NVD", "id": "CVE-2022-1018" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-04-12T00:00:00", "db": "VULHUB", "id": "VHN-417838" }, { "date": "2022-07-26T08:30:00", "db": "JVNDB", "id": "JVNDB-2022-001497" }, { "date": "2022-04-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-2478" }, { "date": "2024-11-21T06:39:52.100000", "db": "NVD", "id": "CVE-2022-1018" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-2478" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } 
} }, "data": "Rockwell\u00a0Automation\u00a0 Made \u00a0ISaGRAF\u00a0 In \u00a0XML\u00a0 Improper restriction vulnerability in external entity reference", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-001497" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-2478" } ], "trust": 0.6 } }
var-202207-1551
Vulnerability from variot
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited. The affected software may also be left in a denial-of-service (DoS) state. The affected product is Rockwell Automation ISaGRAF Workbench.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202207-1551", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "isagraf workbench", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.6.9" }, { "model": "isagraf workbench", "scope": "gte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.0" }, { "model": "isagraf workbench", "scope": "eq", "trust": 0.8, "vendor": "rockwell automation", "version": null }, { 
"model": "isagraf workbench", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "isagraf workbench", "scope": "eq", "trust": 0.8, "vendor": "rockwell automation", "version": "6.0 to 6.6.9" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "db": "NVD", "id": "CVE-2022-2465" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2127" } ], "trust": 0.6 }, "cve": "CVE-2022-2465", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-2465", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ics-cert@hq.dhs.gov", 
"availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-2465", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-2465", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2022-2465", "trust": 1.0, "value": "HIGH" }, { "author": "ics-cert@hq.dhs.gov", "id": "CVE-2022-2465", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2022-2465", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202207-2127", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "db": "CNNVD", "id": "CNNVD-202207-2127" }, { "db": "NVD", "id": "CVE-2022-2465" }, { "db": "NVD", "id": "CVE-2022-2465" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. 
This vulnerability requires user interaction to be successfully exploited. (DoS) It may be in a state. Rockwell Automation ISaGRAF Workbench", "sources": [ { "db": "NVD", "id": "CVE-2022-2465" }, { "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "db": "VULHUB", "id": "VHN-427809" }, { "db": "VULMON", "id": "CVE-2022-2465" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-2465", "trust": 3.4 }, { "db": "ICS CERT", "id": "ICSA-22-202-03", "trust": 2.6 }, { "db": "JVN", "id": "JVNVU95712880", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-015409", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.3567", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072218", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202207-2127", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-427809", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2022-2465", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-427809" }, { "db": "VULMON", "id": "CVE-2022-2465" }, { "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "db": "CNNVD", "id": "CNNVD-202207-2127" }, { "db": "NVD", "id": "CVE-2022-2465" } ] }, "id": "VAR-202207-1551", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-427809" } ], "trust": 0.01 }, "last_update_date": "2024-08-14T13:53:10.560000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Rockwell Automation ISaGRAF Workbench Fixes for code issue vulnerabilities", "trust": 0.6, 
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=201003" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2127" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-502", "trust": 1.1 }, { "problemtype": "Deserialization of untrusted data (CWE-502) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-427809" }, { "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "db": "NVD", "id": "CVE-2022-2465" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu95712880/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2465" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-2465/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-202-03" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3567" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072218" } ], "sources": [ { "db": "VULHUB", "id": "VHN-427809" }, { "db": "VULMON", "id": "CVE-2022-2465" }, { "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "db": "CNNVD", "id": "CNNVD-202207-2127" }, { "db": "NVD", "id": "CVE-2022-2465" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-427809" }, { "db": "VULMON", "id": "CVE-2022-2465" }, { "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "db": "CNNVD", "id": "CNNVD-202207-2127" }, { "db": "NVD", "id": "CVE-2022-2465" } ] }, "sources_release_date": 
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-25T00:00:00", "db": "VULHUB", "id": "VHN-427809" }, { "date": "2023-09-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "date": "2022-07-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-2127" }, { "date": "2022-08-25T18:15:10.223000", "db": "NVD", "id": "CVE-2022-2465" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-27T00:00:00", "db": "VULHUB", "id": "VHN-427809" }, { "date": "2023-09-26T08:28:00", "db": "JVNDB", "id": "JVNDB-2022-015409" }, { "date": "2022-08-29T00:00:00", "db": "CNNVD", "id": "CNNVD-202207-2127" }, { "date": "2022-08-27T03:30:06.010000", "db": "NVD", "id": "CVE-2022-2465" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2127" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Rockwell\u00a0Automation\u00a0 of \u00a0ISaGRAF\u00a0Workbench\u00a0 Untrusted Data Deserialization Vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-015409" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202207-2127" } ], "trust": 0.6 } }
var-202204-1280
Vulnerability from variot
Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 through v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited. ISaGRAF, provided by Rockwell Automation, is vulnerable to deserialization of untrusted data (CWE-502, CVE-2022-1118). If a user opens a specially crafted, malicious file, an attacker may be able to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CCWARC files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202204-1280", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "connected components workbench", "scope": null, "trust": 3.6, "vendor": "rockwell automation", "version": null }, { "model": "isagraf workbench", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "6.6.9" }, { "model": "isagraf workbench", "scope": "gte", "trust": 1.0, "vendor": "rockwellautomation", "version": 
"6.0" }, { "model": "connected component workbench", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "13.00.00" }, { "model": "safety instrumented systems workstation", "scope": "lte", "trust": 1.0, "vendor": "rockwellautomation", "version": "1.2" }, { "model": "isagraf workbench", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "safety instrumented systems workstation", "scope": "lte", "trust": 0.8, "vendor": "rockwell automation", "version": "v1.2 and earlier (trusted controller for )" } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" }, { "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "db": "NVD", "id": "CVE-2022-1118" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "kimiya", "sources": [ { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" } ], "trust": 2.8 }, "cve": "CVE-2022-1118", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", 
"author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2022-1118", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.9, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-418892", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-1118", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.8, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-1118", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ics-cert@hq.dhs.gov", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2022-1118", "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, 
"userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "OTHER", "availabilityImpact": "High", "baseScore": 8.6, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "JVNDB-2022-001527", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "ZDI", "id": "CVE-2022-1118", "trust": 2.8, "value": "HIGH" }, { "author": "nvd@nist.gov", "id": "CVE-2022-1118", "trust": 1.0, "value": "HIGH" }, { "author": "ics-cert@hq.dhs.gov", "id": "CVE-2022-1118", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2022-1118", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-202204-2525", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-418892", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2022-1118", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" }, { "db": "VULHUB", "id": "VHN-418892" }, { "db": "VULMON", "id": "CVE-2022-1118" }, { "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "db": "CNNVD", "id": "CNNVD-202204-2525" }, { "db": "NVD", "id": "CVE-2022-1118" }, { "db": "NVD", "id": "CVE-2022-1118" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be 
deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited. Rockwell Automation Provided by ISaGRAF Deserialization of untrusted data ( CWE-502 , CVE-2022-1118 ) Is vulnerable.By opening a specially crafted, malicious file, an attacker may be able to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of CCWARC files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process", "sources": [ { "db": "NVD", "id": "CVE-2022-1118" }, { "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" }, { "db": "VULHUB", "id": "VHN-418892" }, { "db": "VULMON", "id": "CVE-2022-1118" } ], "trust": 4.32 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-1118", "trust": 6.2 }, { "db": "ICS CERT", "id": "ICSA-22-095-01", "trust": 2.6 }, { "db": "ZDI", "id": "ZDI-22-589", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU99485677", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-001527", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-15176", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-15175", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-22-588", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-15174", "trust": 0.7 }, { "db": 
"ZDI", "id": "ZDI-22-587", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-15173", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-22-586", "trust": 0.7 }, { "db": "CS-HELP", "id": "SB2022040601", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202204-2525", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-418892", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2022-1118", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" }, { "db": "VULHUB", "id": "VHN-418892" }, { "db": "VULMON", "id": "CVE-2022-1118" }, { "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "db": "CNNVD", "id": "CNNVD-202204-2525" }, { "db": "NVD", "id": "CVE-2022-1118" } ] }, "id": "VAR-202204-1280", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-418892" } ], "trust": 0.58214287 }, "last_update_date": "2024-11-23T22:29:01.209000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Rockwell Automation has issued an update to correct this vulnerability.", "trust": 2.8, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01" }, { "title": "Connected\u00a0Components\u00a0Workbench\u00a020.00.00 Rockwell\u00a0Automation", "trust": 0.8, "url": "https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026mode=3\u0026refSoft=1\u0026versions=59954" }, { "title": "Rockwell Automation Connected Components Workbench Fixes for code issue vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198460" }, { "title": "cve-2022-1118", "trust": 0.1, "url": 
"https://github.com/git-cve-updater/cve-2022-1118 " } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" }, { "db": "VULMON", "id": "CVE-2022-1118" }, { "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "db": "CNNVD", "id": "CNNVD-202204-2525" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-502", "trust": 1.1 }, { "problemtype": "Deserialization of untrusted data (CWE-502) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-418892" }, { "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "db": "NVD", "id": "CVE-2022-1118" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 5.5, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu99485677/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1118" }, { "trust": 0.7, "url": "https://www.zerodayinitiative.com/advisories/zdi-22-589/" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-095-01" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-1118/" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022040601" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/502.html" }, { "trust": 0.1, "url": "https://github.com/git-cve-updater/cve-2022-1118" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" }, { 
"db": "VULHUB", "id": "VHN-418892" }, { "db": "VULMON", "id": "CVE-2022-1118" }, { "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "db": "CNNVD", "id": "CNNVD-202204-2525" }, { "db": "NVD", "id": "CVE-2022-1118" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" }, { "db": "VULHUB", "id": "VHN-418892" }, { "db": "VULMON", "id": "CVE-2022-1118" }, { "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "db": "CNNVD", "id": "CNNVD-202204-2525" }, { "db": "NVD", "id": "CVE-2022-1118" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-04-08T00:00:00", "db": "ZDI", "id": "ZDI-22-589" }, { "date": "2022-04-08T00:00:00", "db": "ZDI", "id": "ZDI-22-588" }, { "date": "2022-04-08T00:00:00", "db": "ZDI", "id": "ZDI-22-587" }, { "date": "2022-04-08T00:00:00", "db": "ZDI", "id": "ZDI-22-586" }, { "date": "2022-05-17T00:00:00", "db": "VULHUB", "id": "VHN-418892" }, { "date": "2022-05-17T00:00:00", "db": "VULMON", "id": "CVE-2022-1118" }, { "date": "2022-04-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "date": "2022-04-05T00:00:00", "db": "CNNVD", "id": "CNNVD-202204-2525" }, { "date": "2022-05-17T20:15:08.173000", "db": "NVD", "id": "CVE-2022-1118" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-04-08T00:00:00", "db": "ZDI", "id": "ZDI-22-589" }, { "date": "2022-04-08T00:00:00", "db": "ZDI", "id": "ZDI-22-588" }, { "date": "2022-04-08T00:00:00", "db": "ZDI", "id": "ZDI-22-587" }, { "date": "2022-04-08T00:00:00", "db": "ZDI", "id": "ZDI-22-586" }, { "date": "2022-05-26T00:00:00", "db": "VULHUB", "id": 
"VHN-418892" }, { "date": "2022-05-26T00:00:00", "db": "VULMON", "id": "CVE-2022-1118" }, { "date": "2024-06-18T08:48:00", "db": "JVNDB", "id": "JVNDB-2022-001527" }, { "date": "2022-07-01T00:00:00", "db": "CNNVD", "id": "CNNVD-202204-2525" }, { "date": "2024-11-21T06:40:05.017000", "db": "NVD", "id": "CVE-2022-1118" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202204-2525" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-22-589" }, { "db": "ZDI", "id": "ZDI-22-588" }, { "db": "ZDI", "id": "ZDI-22-587" }, { "db": "ZDI", "id": "ZDI-22-586" } ], "trust": 2.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202204-2525" } ], "trust": 0.6 } }