Vulnerabilites related to Rockwell Automation - Safety Instrumented Systems Workstation
CVE-2022-1018 (GCVE-0-2022-1018)
Vulnerability from cvelistv5
Published
2022-04-01 22:17
Modified
2025-04-16 16:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Summary
When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Rockwell Automation | Connected Component Workbench |
Version: All < 12 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1018",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:54:59.168246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:32:28.157Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Connected Component Workbench",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThan": "12",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "ISaGRAF",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThan": "6.6.9",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
},
{
"product": "Safety Instrumented Systems Workstation",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThan": "1.1",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "kimiya of Trend Micro\u2019s Zero Day Initiative reported this vulnerability to CISA."
}
],
"datePublic": "2022-03-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-01T22:17:24.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01"
}
],
"solutions": [
{
"lang": "en",
"value": "Rockwell Automation encourages users to update to the available software revisions below:\n\nConnected Component Workbench: Update to v13.00\nISaGRAF Workbench: For now, use mitigations listed until a patch is released. More mitigation actions are planned.\nSafety Instrumented Systems Workstation: Update to v1.2"
}
],
"source": {
"advisory": "ICSA-22-088-01",
"discovery": "EXTERNAL"
},
"title": "ICSA-22-088-01 Rockwell Automation ISaGRAF",
"workarounds": [
{
"lang": "en",
"value": "If an upgrade is not possible or available, users should apply the following mitigations:\n\nRun Connected Components Workbench as a User, not as an Administrator, to minimize the impact of malicious code on the infected system.\nDo not open untrusted files with Connected Component Workbench, ISaGRAF, SISW. Employ training and awareness programs to educate users on the warning signs of a phishing or social engineering attack.\nUse Microsoft AppLocker or other similar allow list application to help mitigate risk. Information on using AppLocker with Rockwell Automation products is available at KnowledgeBase Article QA17329\nEnsure the least-privilege user principle is followed, and user/service account access to shared resources (such as a database) is only granted with a minimum number of rights as needed."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-03-29T17:00:00.000Z",
"ID": "CVE-2022-1018",
"STATE": "PUBLIC",
"TITLE": "ICSA-22-088-01 Rockwell Automation ISaGRAF"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Connected Component Workbench",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "12"
}
]
}
},
{
"product_name": "ISaGRAF",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "6.6.9"
}
]
}
},
{
"product_name": "Safety Instrumented Systems Workstation",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "All",
"version_value": "1.1"
}
]
}
}
]
},
"vendor_name": "Rockwell Automation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "kimiya of Trend Micro\u2019s Zero Day Initiative reported this vulnerability to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611 Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01"
}
]
},
"solution": [
{
"lang": "en",
"value": "Rockwell Automation encourages users to update to the available software revisions below:\n\nConnected Component Workbench: Update to v13.00\nISaGRAF Workbench: For now, use mitigations listed until a patch is released. More mitigation actions are planned.\nSafety Instrumented Systems Workstation: Update to v1.2"
}
],
"source": {
"advisory": "ICSA-22-088-01",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "If an upgrade is not possible or available, users should apply the following mitigations:\n\nRun Connected Components Workbench as a User, not as an Administrator, to minimize the impact of malicious code on the infected system.\nDo not open untrusted files with Connected Component Workbench, ISaGRAF, SISW. Employ training and awareness programs to educate users on the warning signs of a phishing or social engineering attack.\nUse Microsoft AppLocker or other similar allow list application to help mitigate risk. Information on using AppLocker with Rockwell Automation products is available at KnowledgeBase Article QA17329\nEnsure the least-privilege user principle is followed, and user/service account access to shared resources (such as a database) is only granted with a minimum number of rights as needed."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-1018",
"datePublished": "2022-04-01T22:17:24.599Z",
"dateReserved": "2022-03-17T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:32:28.157Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1118 (GCVE-0-2022-1118)
Vulnerability from cvelistv5
Published
2022-05-17 19:47
Modified
2025-04-16 17:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-502 - Deserialization of Untrusted Data
Summary
Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Rockwell Automation | Connected Component Workbench |
Version: All < |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:23.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-1118",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T17:29:15.658155Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:54:25.317Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Connected Component Workbench",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "v13.00.00",
"status": "affected",
"version": "All ",
"versionType": "custom"
}
]
},
{
"product": "ISaGRAF Workbench",
"vendor": "Rockwell Automation",
"versions": [
{
"status": "affected",
"version": "All v6.0 through v6.6.9"
}
]
},
{
"product": "Safety Instrumented Systems Workstation",
"vendor": "Rockwell Automation",
"versions": [
{
"lessThanOrEqual": "v1.2 (for Trusted Controllers)",
"status": "affected",
"version": "All",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-17T19:47:10.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01"
}
],
"source": {
"advisory": "ICSA-22-095-01",
"discovery": "UNKNOWN"
},
"title": "Rockwell Automation ISaGRAF Deserialization of Untrusted Data",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2022-1118",
"STATE": "PUBLIC",
"TITLE": "Rockwell Automation ISaGRAF Deserialization of Untrusted Data"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Connected Component Workbench",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "All ",
"version_value": "v13.00.00"
}
]
}
},
{
"product_name": "ISaGRAF Workbench",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "v6.0 through v6.6.9"
}
]
}
},
{
"product_name": "Safety Instrumented Systems Workstation",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "All",
"version_value": "v1.2 (for Trusted Controllers)"
}
]
}
}
]
},
"vendor_name": "Rockwell Automation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01"
}
]
},
"source": {
"advisory": "ICSA-22-095-01",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-1118",
"datePublished": "2022-05-17T19:47:10.000Z",
"dateReserved": "2022-03-28T00:00:00.000Z",
"dateUpdated": "2025-04-16T17:54:25.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-202204-1280
Vulnerability from variot
Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited. Rockwell Automation Provided by ISaGRAF Deserialization of untrusted data ( CWE-502 , CVE-2022-1118 ) Is vulnerable.By opening a specially crafted, malicious file, an attacker may be able to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of CCWARC files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-1280",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "connected components workbench",
"scope": null,
"trust": 3.6,
"vendor": "rockwell automation",
"version": null
},
{
"model": "isagraf workbench",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.6.9"
},
{
"model": "isagraf workbench",
"scope": "gte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.0"
},
{
"model": "connected component workbench",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "13.00.00"
},
{
"model": "safety instrumented systems workstation",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "1.2"
},
{
"model": "isagraf workbench",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "safety instrumented systems workstation",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "v1.2 and earlier (trusted controller for )"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"db": "NVD",
"id": "CVE-2022-1118"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kimiya",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
}
],
"trust": 2.8
},
"cve": "CVE-2022-1118",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2022-1118",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-418892",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-1118",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "REQUIRED",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-1118",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ics-cert@hq.dhs.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-1118",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2022-001527",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2022-1118",
"trust": 2.8,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-1118",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2022-1118",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-1118",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-2525",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-418892",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-1118",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"db": "VULHUB",
"id": "VHN-418892"
},
{
"db": "VULMON",
"id": "CVE-2022-1118"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2525"
},
{
"db": "NVD",
"id": "CVE-2022-1118"
},
{
"db": "NVD",
"id": "CVE-2022-1118"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited. Rockwell Automation Provided by ISaGRAF Deserialization of untrusted data ( CWE-502 , CVE-2022-1118 ) Is vulnerable.By opening a specially crafted, malicious file, an attacker may be able to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of CCWARC files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-1118"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"db": "VULHUB",
"id": "VHN-418892"
},
{
"db": "VULMON",
"id": "CVE-2022-1118"
}
],
"trust": 4.32
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-1118",
"trust": 6.2
},
{
"db": "ICS CERT",
"id": "ICSA-22-095-01",
"trust": 2.6
},
{
"db": "ZDI",
"id": "ZDI-22-589",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU99485677",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15176",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15175",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-22-588",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15174",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-22-587",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15173",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-22-586",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2022040601",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2525",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-418892",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-1118",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"db": "VULHUB",
"id": "VHN-418892"
},
{
"db": "VULMON",
"id": "CVE-2022-1118"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2525"
},
{
"db": "NVD",
"id": "CVE-2022-1118"
}
]
},
"id": "VAR-202204-1280",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-418892"
}
],
"trust": 0.58214287
},
"last_update_date": "2024-11-23T22:29:01.209000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Rockwell Automation has issued an update to correct this vulnerability.",
"trust": 2.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01"
},
{
"title": "Connected\u00a0Components\u00a0Workbench\u00a020.00.00 Rockwell\u00a0Automation",
"trust": 0.8,
"url": "https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026mode=3\u0026refSoft=1\u0026versions=59954"
},
{
"title": "Rockwell Automation Connected Components Workbench Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198460"
},
{
"title": "cve-2022-1118",
"trust": 0.1,
"url": "https://github.com/git-cve-updater/cve-2022-1118 "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"db": "VULMON",
"id": "CVE-2022-1118"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2525"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-502",
"trust": 1.1
},
{
"problemtype": "Deserialization of untrusted data (CWE-502) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418892"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"db": "NVD",
"id": "CVE-2022-1118"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 5.5,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99485677/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1118"
},
{
"trust": 0.7,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-589/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-095-01"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-1118/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022040601"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/502.html"
},
{
"trust": 0.1,
"url": "https://github.com/git-cve-updater/cve-2022-1118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"db": "VULHUB",
"id": "VHN-418892"
},
{
"db": "VULMON",
"id": "CVE-2022-1118"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2525"
},
{
"db": "NVD",
"id": "CVE-2022-1118"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"db": "VULHUB",
"id": "VHN-418892"
},
{
"db": "VULMON",
"id": "CVE-2022-1118"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2525"
},
{
"db": "NVD",
"id": "CVE-2022-1118"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"date": "2022-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"date": "2022-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"date": "2022-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"date": "2022-05-17T00:00:00",
"db": "VULHUB",
"id": "VHN-418892"
},
{
"date": "2022-05-17T00:00:00",
"db": "VULMON",
"id": "CVE-2022-1118"
},
{
"date": "2022-04-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"date": "2022-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2525"
},
{
"date": "2022-05-17T20:15:08.173000",
"db": "NVD",
"id": "CVE-2022-1118"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"date": "2022-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"date": "2022-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"date": "2022-04-08T00:00:00",
"db": "ZDI",
"id": "ZDI-22-586"
},
{
"date": "2022-05-26T00:00:00",
"db": "VULHUB",
"id": "VHN-418892"
},
{
"date": "2022-05-26T00:00:00",
"db": "VULMON",
"id": "CVE-2022-1118"
},
{
"date": "2024-06-18T08:48:00",
"db": "JVNDB",
"id": "JVNDB-2022-001527"
},
{
"date": "2022-07-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2525"
},
{
"date": "2024-11-21T06:40:05.017000",
"db": "NVD",
"id": "CVE-2022-1118"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2525"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-589"
},
{
"db": "ZDI",
"id": "ZDI-22-588"
},
{
"db": "ZDI",
"id": "ZDI-22-587"
},
{
"db": "ZDI",
"id": "ZDI-22-586"
}
],
"trust": 2.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2525"
}
],
"trust": 0.6
}
}
var-202203-1574
Vulnerability from variot
When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality. Rockwell Automation ISaGRAF is an automation software technology developed by Rockwell Automation in the United States for creating integrated automation solutions. It is designed to be scalable and portable, suitable for developing small controllers and large distributed automation systems
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-1574",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safety instrumented systems workstation",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "1.1"
},
{
"model": "isagraf",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "6.6.9"
},
{
"model": "connected components workbench",
"scope": "lte",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "12.0"
},
{
"model": "connected components workbench",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "isagraf workbench",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": "safety instrumented systems workstation",
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"db": "NVD",
"id": "CVE-2022-1018"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kimiya of Trend Micro\u2019s Zero Day Initiative reported this vulnerability to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2478"
}
],
"trust": 0.6
},
"cve": "CVE-2022-1018",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2022-1018",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-417838",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2022-1018",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 5.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2022-001497",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-1018",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ics-cert@hq.dhs.gov",
"id": "CVE-2022-1018",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "OTHER",
"id": "JVNDB-2022-001497",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-2478",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-417838",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417838"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2478"
},
{
"db": "NVD",
"id": "CVE-2022-1018"
},
{
"db": "NVD",
"id": "CVE-2022-1018"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality. Rockwell Automation ISaGRAF is an automation software technology developed by Rockwell Automation in the United States for creating integrated automation solutions. It is designed to be scalable and portable, suitable for developing small controllers and large distributed automation systems",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-1018"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"db": "VULHUB",
"id": "VHN-417838"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT",
"id": "ICSA-22-088-01",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2022-1018",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVNVU95792273",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001497",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2478",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.1331",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022033008",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-417838",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417838"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2478"
},
{
"db": "NVD",
"id": "CVE-2022-1018"
}
]
},
"id": "VAR-202203-1574",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-417838"
}
],
"trust": 0.58214287
},
"last_update_date": "2024-11-23T23:03:54.406000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VERSIONS Rockwell\u00a0Automation",
"trust": 0.8,
"url": "https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026mode=3\u0026refSoft=1\u0026versions=59954"
},
{
"title": "Rockwell Automation ISaGRAF Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=187203"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2478"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.1
},
{
"problemtype": "XML Improper restriction of external entity references (CWE-611) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417838"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"db": "NVD",
"id": "CVE-2022-1018"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu95792273/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1331"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-088-01"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022033008"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-1018/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-417838"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2478"
},
{
"db": "NVD",
"id": "CVE-2022-1018"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-417838"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2478"
},
{
"db": "NVD",
"id": "CVE-2022-1018"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-01T00:00:00",
"db": "VULHUB",
"id": "VHN-417838"
},
{
"date": "2022-03-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"date": "2022-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2478"
},
{
"date": "2022-04-01T23:15:12.177000",
"db": "NVD",
"id": "CVE-2022-1018"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-12T00:00:00",
"db": "VULHUB",
"id": "VHN-417838"
},
{
"date": "2022-07-26T08:30:00",
"db": "JVNDB",
"id": "JVNDB-2022-001497"
},
{
"date": "2022-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2478"
},
{
"date": "2024-11-21T06:39:52.100000",
"db": "NVD",
"id": "CVE-2022-1018"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2478"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell\u00a0Automation\u00a0 Made \u00a0ISaGRAF\u00a0 In \u00a0XML\u00a0 Improper restriction vulnerability in external entity reference",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001497"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2478"
}
],
"trust": 0.6
}
}