Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-22723 (GCVE-0-2022-22723)
Vulnerability from cvelistv5
Published
2022-02-04 22:29
Modified
2024-08-03 03:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Easergy P5 (All firmware versions prior to V01.401.101) |
Version: Easergy P5 (All firmware versions prior to V01.401.101) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:21:49.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Easergy P5 (All firmware versions prior to V01.401.101)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Easergy P5 (All firmware versions prior to V01.401.101)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T22:29:35",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-22723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Easergy P5 (All firmware versions prior to V01.401.101)",
"version": {
"version_data": [
{
"version_value": "Easergy P5 (All firmware versions prior to V01.401.101)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03",
"refsource": "MISC",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2022-22723",
"datePublished": "2022-02-04T22:29:35",
"dateReserved": "2022-01-06T00:00:00",
"dateUpdated": "2024-08-03T03:21:49.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-22723\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2022-02-04T23:15:13.113\",\"lastModified\":\"2024-11-21T06:47:19.553\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)\"},{\"lang\":\"es\",\"value\":\"Una CWE-120: Se presenta una vulnerabilidad de Copia del B\u00fafer sin Comprobar el Tama\u00f1o de la Entrada que podr\u00eda conllevar a un desbordamiento del b\u00fafer causando un bloqueo del programa y una ejecuci\u00f3n de c\u00f3digo arbitrario cuando son enviados paquetes especialmente dise\u00f1ados al dispositivo a trav\u00e9s de la red. Las funciones Protection y la funci\u00f3n tripping por medio de GOOSE pueden verse afectadas. Producto afectado: Easergy P5 (todas las versiones de firmware anteriores a V01.401.101)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":8.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":6.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:easergy_p5_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"01.401.101\",\"matchCriteriaId\":\"5F339D52-8956-44D7-B9A3-5E33CF93F014\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:easergy_p5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D642DB0E-55FF-430D-BD45-D305B13A5045\"}]}]}],\"references\":[{\"url\":\"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
gsd-2022-22723
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-22723",
"description": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)",
"id": "GSD-2022-22723"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-22723"
],
"details": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)",
"id": "GSD-2022-22723",
"modified": "2023-12-13T01:19:29.773997Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-22723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Easergy P5 (All firmware versions prior to V01.401.101)",
"version": {
"version_data": [
{
"version_value": "Easergy P5 (All firmware versions prior to V01.401.101)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03",
"refsource": "MISC",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:easergy_p5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "01.401.101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:easergy_p5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-22723"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-02-10T06:57Z",
"publishedDate": "2022-02-04T23:15Z"
}
}
}
ghsa-mm7j-7gq2-x4fr
Vulnerability from github
Published
2022-02-11 00:01
Modified
2022-02-11 00:01
VLAI Severity ?
Details
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)
{
"affected": [],
"aliases": [
"CVE-2022-22723"
],
"database_specific": {
"cwe_ids": [
"CWE-120"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-04T23:15:00Z",
"severity": "HIGH"
},
"details": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)",
"id": "GHSA-mm7j-7gq2-x4fr",
"modified": "2022-02-11T00:01:17Z",
"published": "2022-02-11T00:01:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22723"
},
{
"type": "WEB",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
}
],
"schema_version": "1.4.0",
"severity": []
}
fkie_cve-2022-22723
Vulnerability from fkie_nvd
Published
2022-02-04 23:15
Modified
2024-11-21 06:47
Severity ?
Summary
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| schneider-electric | easergy_p5_firmware | * | |
| schneider-electric | easergy_p5 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:easergy_p5_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F339D52-8956-44D7-B9A3-5E33CF93F014",
"versionEndExcluding": "01.401.101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:easergy_p5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D642DB0E-55FF-430D-BD45-D305B13A5045",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101)"
},
{
"lang": "es",
"value": "Una CWE-120: Se presenta una vulnerabilidad de Copia del B\u00fafer sin Comprobar el Tama\u00f1o de la Entrada que podr\u00eda conllevar a un desbordamiento del b\u00fafer causando un bloqueo del programa y una ejecuci\u00f3n de c\u00f3digo arbitrario cuando son enviados paquetes especialmente dise\u00f1ados al dispositivo a trav\u00e9s de la red. Las funciones Protection y la funci\u00f3n tripping por medio de GOOSE pueden verse afectadas. Producto afectado: Easergy P5 (todas las versiones de firmware anteriores a V01.401.101)"
}
],
"id": "CVE-2022-22723",
"lastModified": "2024-11-21T06:47:19.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-04T23:15:13.113",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
}
]
}
CERTFR-2022-AVI-017
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Easergy P5, versions antérieures à 01.401.101, se référer aux informations fournies par l'éditeur pour appliquer les mesures de contournement | ||
| N/A | N/A | ConneXium Tofino Firewall TCSEFEA23F3F20 et 21, toutes versions. Ces produits ne sont plus maintenus par l'éditeur qui incite fortement à mettre à jour vers la gamme TCSEFA23F3F22 | ||
| Schneider Electric | N/A | ConneXium Tofino OPC-LSM TCSEFM0000, versions antérieures à 03.23 | ||
| N/A | N/A | CODESYS V3, vérifier l'avis SEVD-2022-011-06 pour identifier les périphériques utilisant ce système d'exploitation et appliquer les mesures de contournement suggérées par l'éditeur | ||
| N/A | N/A | Easergy T300, versions antérieures à 2.7.1 | ||
| Schneider Electric | N/A | Easergy P3, versions antérieures à 30.205, se référer aux informations fournies par l'éditeur pour appliquer les mesures de contournement | ||
| Schneider Electric | N/A | EcoStruxure Power Monitoring Expert 2020, versions antérieures à 2020 CU3 sans le composant Floating License Manager 2.7 | ||
| Schneider Electric | N/A | ConneXium Tofino Firewall TCSEFEA23F3F22, versions antérieures à 03.23 | ||
| Schneider Electric | Modicon M340 | Modicon M340 Quantum et Premium Quantum CPUs, vérifier l'avis SEVD-2022-011-01 pour identifier les autres systèmes Modicon vulnérables et appliquer les mesures de contournement suggérées par l'éditeur | ||
| Schneider Electric | N/A | EcoStruxure Power Monitoring Expert 9.0, toutes versions. Ces produits ne sont plus maintenus par l'éditeur qui incite fortement à mettre à jour vers la gamme Power Monitoring Expert 2021 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Easergy P5, versions ant\u00e9rieures \u00e0 01.401.101, se r\u00e9f\u00e9rer aux informations fournies par l\u0027\u00e9diteur pour appliquer les mesures de contournement",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "ConneXium Tofino Firewall TCSEFEA23F3F20 et 21, toutes versions. Ces produits ne sont plus maintenus par l\u0027\u00e9diteur qui incite fortement \u00e0 mettre \u00e0 jour vers la gamme TCSEFA23F3F22",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "ConneXium Tofino OPC-LSM TCSEFM0000, versions ant\u00e9rieures \u00e0 03.23",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "CODESYS V3, v\u00e9rifier l\u0027avis SEVD-2022-011-06 pour identifier les p\u00e9riph\u00e9riques utilisant ce syst\u00e8me d\u0027exploitation et appliquer les mesures de contournement sugg\u00e9r\u00e9es par l\u0027\u00e9diteur",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Easergy T300, versions ant\u00e9rieures \u00e0 2.7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Easergy P3, versions ant\u00e9rieures \u00e0 30.205, se r\u00e9f\u00e9rer aux informations fournies par l\u0027\u00e9diteur pour appliquer les mesures de contournement",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Power Monitoring Expert 2020, versions ant\u00e9rieures \u00e0 2020 CU3 sans le composant Floating License Manager 2.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "ConneXium Tofino Firewall TCSEFEA23F3F22, versions ant\u00e9rieures \u00e0 03.23",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 Quantum et Premium Quantum CPUs, v\u00e9rifier l\u0027avis SEVD-2022-011-01 pour identifier les autres syst\u00e8mes Modicon vuln\u00e9rables et appliquer les mesures de contournement sugg\u00e9r\u00e9es par l\u0027\u00e9diteur",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Power Monitoring Expert 9.0, toutes versions. Ces produits ne sont plus maintenus par l\u0027\u00e9diteur qui incite fortement \u00e0 mettre \u00e0 jour vers la gamme Power Monitoring Expert 2021",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22723"
},
{
"name": "CVE-2021-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21869"
},
{
"name": "CVE-2021-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21866"
},
{
"name": "CVE-2021-30066",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30066"
},
{
"name": "CVE-2021-30064",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30064"
},
{
"name": "CVE-2022-22724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22724"
},
{
"name": "CVE-2019-8963",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8963"
},
{
"name": "CVE-2021-30063",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30063"
},
{
"name": "CVE-2021-30061",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30061"
},
{
"name": "CVE-2021-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21863"
},
{
"name": "CVE-2022-22722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22722"
},
{
"name": "CVE-2021-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21865"
},
{
"name": "CVE-2020-7534",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7534"
},
{
"name": "CVE-2021-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21867"
},
{
"name": "CVE-2022-22804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22804"
},
{
"name": "CVE-2021-30062",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30062"
},
{
"name": "CVE-2022-22726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22726"
},
{
"name": "CVE-2022-22725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22725"
},
{
"name": "CVE-2021-29241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29241"
},
{
"name": "CVE-2020-8597",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8597"
},
{
"name": "CVE-2021-29240",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29240"
},
{
"name": "CVE-2022-22727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22727"
},
{
"name": "CVE-2021-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21864"
},
{
"name": "CVE-2021-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21868"
},
{
"name": "CVE-2021-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30065"
},
{
"name": "CVE-2021-33485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33485"
}
],
"initial_release_date": "2022-01-11T00:00:00",
"last_revision_date": "2022-01-11T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-017",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-01-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-011-07 du 11 janvier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-07"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-011-03 du 11 janvier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-011-04 du 11 janvier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-04"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-011-01 du 11 janvier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-011-02 du 11 janvier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-011-05 du 11 janvier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-05"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-011-06 du 11 janvier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-06"
}
]
}
icsa-22-055-03
Vulnerability from csaf_cisa
Published
2022-02-24 00:00
Modified
2022-02-24 00:00
Summary
Schneider Electric Easergy P5 and P3
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay. This could result in loss of protection to your electrical network.
Critical infrastructure sectors
Commercial Facilities, Energy
Countries/areas deployed
Worldwide
Company headquarters location
France
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.
{
"document": {
"acknowledgments": [
{
"names": [
"Timoth\u00e9e Chauvin",
"Paul Noalhyt",
"Yuanzhe Wu"
],
"organization": "Red Balloon Security",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay. This could result in loss of protection to your electrical network.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities, Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "France",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-055-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-055-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-055-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-055-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Schneider Electric Easergy P5 and P3",
"tracking": {
"current_release_date": "2022-02-24T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-055-03",
"initial_release_date": "2022-02-24T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-02-24T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-055-03 Schneider Electric Easergy P5 and P3"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 30.205",
"product": {
"name": "Easergy P3: All versions prior to v30.205",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Easergy P3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 01.401.102",
"product": {
"name": "Easergy P5 All firmware: versions prior to v01.401.102",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Easergy P5 All firmware"
}
],
"category": "vendor",
"name": "Schneider Electric Software, LLC"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-22722",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to this product, they could observe and manipulate traffic associated with product configuration. This could result in information disclosure. CVE-2022-22722 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22722"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends users using Easergy P5 upgrade to v01.402.101 and users using Easergy P3 upgrade to version 30.205. These firmware upgrades include a fix for the identified vulnerabilities and are available upon request from Schneider Electric\u0027s Customer Care Center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Disable the GOOSE service of the product to reduce the risk of exposure. If GOOSE is needed for the application, use it only in a secure local area network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notifications: SEVD-2022-011-03, SEVD-2022-011-04",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. Schneider Electric recommends the use of backups and an evaluation of the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than a network intended to for the devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2022-22723",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer copy without checking size of input vulnerability exists in Easergy P5 devices that could lead to a buffer overflow, causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping functions via GOOSE can be impacted. CVE-2022-22723 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22723"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends users using Easergy P5 upgrade to v01.402.101 and users using Easergy P3 upgrade to version 30.205. These firmware upgrades include a fix for the identified vulnerabilities and are available upon request from Schneider Electric\u0027s Customer Care Center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "For CVE-2022-22723 and CVE-2022-22725 only, if users choose not to apply the remediation provided above, they should immediately apply the following mitigation to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Disable the GOOSE service of the product to reduce the risk of exposure. If GOOSE is needed for the application, use it only in a secure local area network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notifications: SEVD-2022-011-03, SEVD-2022-011-04",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. Schneider Electric recommends the use of backups and an evaluation of the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than a network intended to for the devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2022-22725",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer copy without checking size of input vulnerability exists in Easergy P3 devices that could lead to a buffer overflow, causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping functions via GOOSE can be impacted. CVE-2022-22725 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22725"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends users using Easergy P5 upgrade to v01.402.101 and users using Easergy P3 upgrade to version 30.205. These firmware upgrades include a fix for the identified vulnerabilities and are available upon request from Schneider Electric\u0027s Customer Care Center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "For CVE-2022-22723 and CVE-2022-22725 only, if users choose not to apply the remediation provided above, they should immediately apply the following mitigation to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Disable the GOOSE service of the product to reduce the risk of exposure. If GOOSE is needed for the application, use it only in a secure local area network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notifications: SEVD-2022-011-03, SEVD-2022-011-04",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. Schneider Electric recommends the use of backups and an evaluation of the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than a network intended to for the devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2022-34758",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An Improper Input Validation vulnerability exists in Easergy P5 devices that cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. CVE-2022-34758 has been assigned to this vulnerability. A CVSS v3 base score of 5.1 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34758"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends users using Easergy P5 upgrade to v01.402.101 and users using Easergy P3 upgrade to version 30.205. These firmware upgrades include a fix for the identified vulnerabilities and are available upon request from Schneider Electric\u0027s Customer Care Center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Disable the GOOSE service of the product to reduce the risk of exposure. If GOOSE is needed for the application, use it only in a secure local area network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notifications: SEVD-2022-011-03, SEVD-2022-011-04",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. Schneider Electric recommends the use of backups and an evaluation of the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than a network intended to for the devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
ICSA-22-055-03
Vulnerability from csaf_cisa
Published
2022-02-24 00:00
Modified
2022-02-24 00:00
Summary
Schneider Electric Easergy P5 and P3
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay. This could result in loss of protection to your electrical network.
Critical infrastructure sectors
Commercial Facilities, Energy
Countries/areas deployed
Worldwide
Company headquarters location
France
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.
{
"document": {
"acknowledgments": [
{
"names": [
"Timoth\u00e9e Chauvin",
"Paul Noalhyt",
"Yuanzhe Wu"
],
"organization": "Red Balloon Security",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay. This could result in loss of protection to your electrical network.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities, Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "France",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-055-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-055-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-055-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-055-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Schneider Electric Easergy P5 and P3",
"tracking": {
"current_release_date": "2022-02-24T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-055-03",
"initial_release_date": "2022-02-24T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-02-24T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-055-03 Schneider Electric Easergy P5 and P3"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 30.205",
"product": {
"name": "Easergy P3: All versions prior to v30.205",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Easergy P3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 01.401.102",
"product": {
"name": "Easergy P5 All firmware: versions prior to v01.401.102",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Easergy P5 All firmware"
}
],
"category": "vendor",
"name": "Schneider Electric Software, LLC"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-22722",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to this product, they could observe and manipulate traffic associated with product configuration. This could result in information disclosure. CVE-2022-22722 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22722"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends users using Easergy P5 upgrade to v01.402.101 and users using Easergy P3 upgrade to version 30.205. These firmware upgrades include a fix for the identified vulnerabilities and are available upon request from Schneider Electric\u0027s Customer Care Center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Disable the GOOSE service of the product to reduce the risk of exposure. If GOOSE is needed for the application, use it only in a secure local area network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notifications: SEVD-2022-011-03, SEVD-2022-011-04",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. Schneider Electric recommends the use of backups and an evaluation of the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than a network intended to for the devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2022-22723",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer copy without checking size of input vulnerability exists in Easergy P5 devices that could lead to a buffer overflow, causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping functions via GOOSE can be impacted. CVE-2022-22723 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22723"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends users using Easergy P5 upgrade to v01.402.101 and users using Easergy P3 upgrade to version 30.205. These firmware upgrades include a fix for the identified vulnerabilities and are available upon request from Schneider Electric\u0027s Customer Care Center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "For CVE-2022-22723 and CVE-2022-22725 only, if users choose not to apply the remediation provided above, they should immediately apply the following mitigation to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Disable the GOOSE service of the product to reduce the risk of exposure. If GOOSE is needed for the application, use it only in a secure local area network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notifications: SEVD-2022-011-03, SEVD-2022-011-04",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. Schneider Electric recommends the use of backups and an evaluation of the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than a network intended to for the devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2022-22725",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A buffer copy without checking size of input vulnerability exists in Easergy P3 devices that could lead to a buffer overflow, causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping functions via GOOSE can be impacted. CVE-2022-22725 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22725"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends users using Easergy P5 upgrade to v01.402.101 and users using Easergy P3 upgrade to version 30.205. These firmware upgrades include a fix for the identified vulnerabilities and are available upon request from Schneider Electric\u0027s Customer Care Center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "For CVE-2022-22723 and CVE-2022-22725 only, if users choose not to apply the remediation provided above, they should immediately apply the following mitigation to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Disable the GOOSE service of the product to reduce the risk of exposure. If GOOSE is needed for the application, use it only in a secure local area network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notifications: SEVD-2022-011-03, SEVD-2022-011-04",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. Schneider Electric recommends the use of backups and an evaluation of the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than a network intended to for the devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2022-34758",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An Improper Input Validation vulnerability exists in Easergy P5 devices that cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. CVE-2022-34758 has been assigned to this vulnerability. A CVSS v3 base score of 5.1 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34758"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric recommends users using Easergy P5 upgrade to v01.402.101 and users using Easergy P3 upgrade to version 30.205. These firmware upgrades include a fix for the identified vulnerabilities and are available upon request from Schneider Electric\u0027s Customer Care Center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Disable the GOOSE service of the product to reduce the risk of exposure. If GOOSE is needed for the application, use it only in a secure local area network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notifications: SEVD-2022-011-03, SEVD-2022-011-04",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. Schneider Electric recommends the use of backups and an evaluation of the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than a network intended to for the devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
var-202201-0617
Vulnerability from variot
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101). Easergy P5 Contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Schneider Electric Easergy P5 is a protection relay from Schneider Electric, France, for demanding medium voltage applications.
A buffer overflow vulnerability exists in Schneider Electric Easergy P5, which exists due to a boundary error when handling untrusted input. An attacker could exploit this vulnerability to execute arbitrary code on the system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0617",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "easergy p5",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "01.401.101"
},
{
"model": "easergy p5",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "easergy p5",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": "easergy p5 firmware 01.401.101"
},
{
"model": "electric easergy p5",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "01.401.101"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70104"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"db": "NVD",
"id": "CVE-2022-22723"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Paul Noalhyt, and Yuanzhe Wu at Red Balloon Security reported these vulnerabilities to CISA.,Timoth\u00e9e Chauvin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-940"
}
],
"trust": 0.6
},
"cve": "CVE-2022-22723",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2022-22723",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2022-70104",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-22723",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-22723",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-22723",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-22723",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2022-70104",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-940",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-22723",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70104"
},
{
"db": "VULMON",
"id": "CVE-2022-22723"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-940"
},
{
"db": "NVD",
"id": "CVE-2022-22723"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101). Easergy P5 Contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Schneider Electric Easergy P5 is a protection relay from Schneider Electric, France, for demanding medium voltage applications. \n\r\n\r\nA buffer overflow vulnerability exists in Schneider Electric Easergy P5, which exists due to a boundary error when handling untrusted input. An attacker could exploit this vulnerability to execute arbitrary code on the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22723"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"db": "CNVD",
"id": "CNVD-2022-70104"
},
{
"db": "VULMON",
"id": "CVE-2022-22723"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22723",
"trust": 3.9
},
{
"db": "SCHNEIDER",
"id": "SEVD-2022-011-03",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-22-055-03",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU95341726",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001378",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-70104",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022011209",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0825",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-940",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-22723",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70104"
},
{
"db": "VULMON",
"id": "CVE-2022-22723"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-940"
},
{
"db": "NVD",
"id": "CVE-2022-22723"
}
]
},
"id": "VAR-202201-0617",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70104"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70104"
}
]
},
"last_update_date": "2024-11-23T21:33:12.425000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2022-011-03",
"trust": 0.8,
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-22723"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"db": "NVD",
"id": "CVE-2022-22723"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22723"
},
{
"trust": 1.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2022-011-03"
},
{
"trust": 0.9,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-055-03"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95341726/index.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022011209"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0825"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-055-03"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-70104"
},
{
"db": "VULMON",
"id": "CVE-2022-22723"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-940"
},
{
"db": "NVD",
"id": "CVE-2022-22723"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-70104"
},
{
"db": "VULMON",
"id": "CVE-2022-22723"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-940"
},
{
"db": "NVD",
"id": "CVE-2022-22723"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-70104"
},
{
"date": "2022-02-04T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22723"
},
{
"date": "2022-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"date": "2022-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-940"
},
{
"date": "2022-02-04T23:15:13.113000",
"db": "NVD",
"id": "CVE-2022-22723"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-70104"
},
{
"date": "2022-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22723"
},
{
"date": "2022-02-28T08:50:00",
"db": "JVNDB",
"id": "JVNDB-2022-001378"
},
{
"date": "2022-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-940"
},
{
"date": "2024-11-21T06:47:19.553000",
"db": "NVD",
"id": "CVE-2022-22723"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-940"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Easergy\u00a0P5\u00a0 Buffer Overflow Vulnerability in Linux",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-001378"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-940"
}
],
"trust": 0.6
}
}
cnvd-2022-70104
Vulnerability from cnvd
Title
Schneider Electric Easergy P5缓冲区溢出漏洞
Description
Schneider Electric Easergy P5是法国施耐德电气(Schneider Electric)公司的一款适用于要求苛刻的中压应用的保护继电器。
Schneider Electric Easergy P5存在缓冲区溢出漏洞,该漏洞的存在是由于在处理不受信任的输入时出现边界错误。攻击者可利用该漏洞在系统上执行任意代码。
Severity
高
VLAI Severity ?
Formal description
厂商尚未提供漏洞修复方案,请关注厂商主页更新: http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-22723
Impacted products
| Name | Schneider Electric Easergy P5 <01.401.101 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2022-22723",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-22723"
}
},
"description": "Schneider Electric Easergy P5\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u9002\u7528\u4e8e\u8981\u6c42\u82db\u523b\u7684\u4e2d\u538b\u5e94\u7528\u7684\u4fdd\u62a4\u7ee7\u7535\u5668\u3002\n\nSchneider Electric Easergy P5\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u7684\u5b58\u5728\u662f\u7531\u4e8e\u5728\u5904\u7406\u4e0d\u53d7\u4fe1\u4efb\u7684\u8f93\u5165\u65f6\u51fa\u73b0\u8fb9\u754c\u9519\u8bef\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttp://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2022-70104",
"openTime": "2022-10-21",
"products": {
"product": "Schneider Electric Easergy P5 \u003c01.401.101"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-22723",
"serverity": "\u9ad8",
"submitTime": "2022-01-16",
"title": "Schneider Electric Easergy P5\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…