cnvd - cnvd-2022-86331

cnvd-2022-86331

Vulnerability from cnvd

Title: ABB MicroSCADA Pro SYS600代码执行漏洞

Description:

ABB MicroSCADA Pro SYS600是瑞士ABB公司的一套监控和数据采集软件。该软件主要用于变电站自动化、SCADA电气、配电管理应用程序和工业电源管理等。

ABB MicroSCADA Pro SYS600存在代码执行漏洞，该漏洞源于对Monitor Pro界面中的输入未能进行有效地验证。攻击者可利用该漏洞远程执行代码。

Severity: 高

Patch Name: ABB MicroSCADA Pro SYS600代码执行漏洞的补丁

Patch Description:

ABB MicroSCADA Pro SYS600是瑞士ABB公司的一套监控和数据采集软件。该软件主要用于变电站自动化、SCADA电气、配电管理应用程序和工业电源管理等。

ABB MicroSCADA Pro SYS600存在代码执行漏洞，该漏洞源于对Monitor Pro界面中的输入未能进行有效地验证。攻击者可利用该漏洞远程执行代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.hitachienergy.com/

Reference: https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123&LanguageCode=en&DocumentPartId=&Action=Launch&elqaid=4293&elqat=1

Impacted products

Name
['ABB MicroSCADA Pro SYS600 9.4', 'ABB MicroSCADA Pro SYS600 9.4:fixpack_1', 'ABB MicroSCADA Pro SYS600 9.4:fixpack_2', 'ABB MicroSCADA Pro SYS600 <=9.3', 'ABB MicroSCADA Pro SYS600 >=10.0，<=10.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-3388",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-3388"
    }
  },
  "description": "ABB MicroSCADA Pro SYS600\u662f\u745e\u58ebABB\u516c\u53f8\u7684\u4e00\u5957\u76d1\u63a7\u548c\u6570\u636e\u91c7\u96c6\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3b\u8981\u7528\u4e8e\u53d8\u7535\u7ad9\u81ea\u52a8\u5316\u3001SCADA\u7535\u6c14\u3001\u914d\u7535\u7ba1\u7406\u5e94\u7528\u7a0b\u5e8f\u548c\u5de5\u4e1a\u7535\u6e90\u7ba1\u7406\u7b49\u3002\n\nABB MicroSCADA Pro SYS600\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9Monitor Pro\u754c\u9762\u4e2d\u7684\u8f93\u5165\u672a\u80fd\u8fdb\u884c\u6709\u6548\u5730\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.hitachienergy.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-86331",
  "openTime": "2022-12-07",
  "patchDescription": "ABB MicroSCADA Pro SYS600\u662f\u745e\u58ebABB\u516c\u53f8\u7684\u4e00\u5957\u76d1\u63a7\u548c\u6570\u636e\u91c7\u96c6\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3b\u8981\u7528\u4e8e\u53d8\u7535\u7ad9\u81ea\u52a8\u5316\u3001SCADA\u7535\u6c14\u3001\u914d\u7535\u7ba1\u7406\u5e94\u7528\u7a0b\u5e8f\u548c\u5de5\u4e1a\u7535\u6e90\u7ba1\u7406\u7b49\u3002\r\n\r\nABB MicroSCADA Pro SYS600\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9Monitor Pro\u754c\u9762\u4e2d\u7684\u8f93\u5165\u672a\u80fd\u8fdb\u884c\u6709\u6548\u5730\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "ABB MicroSCADA Pro SYS600\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "ABB MicroSCADA Pro SYS600 9.4",
      "ABB MicroSCADA Pro SYS600 9.4:fixpack_1",
      "ABB MicroSCADA Pro SYS600 9.4:fixpack_2",
      "ABB MicroSCADA Pro SYS600 \u003c=9.3",
      "ABB MicroSCADA Pro SYS600 \u003e=10.0\uff0c\u003c=10.4"
    ]
  },
  "referenceLink": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1",
  "serverity": "\u9ad8",
  "submitTime": "2022-11-23",
  "title": "ABB MicroSCADA Pro SYS600\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2022-3388 (GCVE-0-2022-3388)

Vulnerability from cvelistv5

Published

2022-11-21 00:00

Modified

2025-07-23 20:45

Severity ?

8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-20 - Improper Input Validation

Summary

An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.

References

▼	URL	Tags
	https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123&LanguageCode=en&DocumentPartId=&Action=Launch&elqaid=4293&elqat=1

Impacted products

Vendor

Product

Version

▼

Hitachi Energy

MicroSCADA Pro SYS600

Version: 9.0

Hitachi Energy

MicroSCADA X SYS600

Version: 10.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:07:06.515Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1",
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MicroSCADA Pro SYS600",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "9.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MicroSCADA X SYS600",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "10.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA\nPro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user\u0027s role."
            }
          ],
          "value": "An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA\nPro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user\u0027s role."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-23",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-23 File Content Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-19T04:28:13.552Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1",
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026elqaid=4293\u0026elqat=1"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "For SYS600 9.x: update to at SYS600 version SYS600 9.4 FP2\u0026nbsp;Hotfix 5 when it is released or upgrade to at least SYS600 version 10.4.1.\u003cbr\u003e\n\nA requirement to install SYS600 9.4 FP2 Hotfix 5 is to have at least\nthe SYS600 9.4 FP2 Hotfix 4 installed.\u003cbr\u003e\u003cbr\u003e \n\nCPE:\u0026nbsp;\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:*\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:*\n\n\u003cbr\u003e\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:*\n\n\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "For SYS600 9.x: update to at SYS600 version SYS600 9.4 FP2\u00a0Hotfix 5 when it is released or upgrade to at least SYS600 version 10.4.1.\n\n\nA requirement to install SYS600 9.4 FP2 Hotfix 5 is to have at least\nthe SYS600 9.4 FP2 Hotfix 4 installed.\n\n \n\nCPE:\u00a0\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:*"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "For SYS600 10.x update to at least SYS600 version 10.4.1\nOr apply general mitigation factors.\u003cbr\u003e\u003cbr\u003e\n\n\nCPE:\u0026nbsp;\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\u003cbr\u003ecpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "For SYS600 10.x update to at least SYS600 version 10.4.1\nOr apply general mitigation factors.\n\n\n\n\nCPE:\u00a0\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*"
        }
      ],
      "source": {
        "advisory": "8DBD000123",
        "discovery": "INTERNAL"
      },
      "title": "Input Validation Vulnerability in Hitachi Energy\u2019s MicroSCADA Pro/X SYS600 Products",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Recommended security practices and firewall configurations can help protect a process control network from\nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and\nare separated from other networks by means of a firewall system that has a minimal number of ports exposed,\nand others that have to be evaluated case by case. Process control systems should not be used for Internet\nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be\u0026nbsp;carefully scanned for viruses before they are connected to a control system. Proper password policies and processes should be followed.\nWe recommend following the cybersecurity deployment guideline as follows: 1MRK511518 MicroSCADA X\nCyber Security Deployment Guideline.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Recommended security practices and firewall configurations can help protect a process control network from\nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and\nare separated from other networks by means of a firewall system that has a minimal number of ports exposed,\nand others that have to be evaluated case by case. Process control systems should not be used for Internet\nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be\u00a0carefully scanned for viruses before they are connected to a control system. Proper password policies and processes should be followed.\nWe recommend following the cybersecurity deployment guideline as follows: 1MRK511518 MicroSCADA X\nCyber Security Deployment Guideline."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2022-3388",
    "datePublished": "2022-11-21T00:00:00.000Z",
    "dateReserved": "2022-09-30T00:00:00.000Z",
    "dateUpdated": "2025-07-23T20:45:00.000Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted