CVE-2022-2006 (GCVE-0-2022-2006)
Vulnerability from cvelistv5
Published
2022-08-31 15:33
Modified
2025-04-16 17:49
CWE
  • CWE-427 - Uncontrolled Search Path Element
Summary
AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;
References
ics-cert@hq.dhs.govhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01Patch, Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
AutomationDirect C-more EA9 Version: EA9-T6CL   < 6.73
Version: EA9-T6CL-R   < 6.73
Version: EA9-T7CL   < 6.73
Version: EA9-T7CL-R   < 6.73
Version: EA9-T8CL   < 6.73
Version: EA9-T10CL   < 6.73
Version: EA9-T10WCL   < 6.73
Version: EA9-T12CL   < 6.73
Version: EA9-T15CL   < 6.73
Version: EA9-RHMI   < 6.73
Version: EA9-PGMSW   < 6.73
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:24:44.035Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-2006",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-16T17:27:48.143452Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T17:49:35.105Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "C-more EA9",
          "vendor": "AutomationDirect",
          "versions": [
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T6CL",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T6CL-R",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T7CL",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T7CL-R",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T8CL",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T10CL",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T10WCL",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T12CL",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-T15CL",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-RHMI",
              "versionType": "custom"
            },
            {
              "lessThan": "6.73",
              "status": "affected",
              "version": "EA9-PGMSW",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Sam Hanson of Dragos reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2022-06-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427 Uncontrolled Search Path Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-31T15:33:03.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "AutomationDirect recommends users upgrade to firmware Version 6.73 or later, which supports TLS security options for the webserver.\n\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to Version 6.73 or later:\n\nThe Webserver feature can be disabled on the HMI using the programming software.\nPlace the HMI panel behind a VPN: Access to and from critical control system assets in the modern environment is usually LAN based, but still should be considered remote if the operator is traversing across different networks. virtual private networking (VPN) is often considered the best approach in securing trans-network communication."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "AutomationDirect C-more EA9 HMI Uncontrolled Search Path Element",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2022-06-16T17:00:00.000Z",
          "ID": "CVE-2022-2006",
          "STATE": "PUBLIC",
          "TITLE": "AutomationDirect C-more EA9 HMI Uncontrolled Search Path Element"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "C-more EA9",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T6CL",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T6CL-R",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T7CL",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T7CL-R",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T8CL",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T10CL",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T10WCL",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T12CL",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-T15CL",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-RHMI",
                            "version_value": "6.73"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "EA9-PGMSW",
                            "version_value": "6.73"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "AutomationDirect"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Sam Hanson of Dragos reported this vulnerability to CISA."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-427 Uncontrolled Search Path Element"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01",
              "refsource": "CONFIRM",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "AutomationDirect recommends users upgrade to firmware Version 6.73 or later, which supports TLS security options for the webserver.\n\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to Version 6.73 or later:\n\nThe Webserver feature can be disabled on the HMI using the programming software.\nPlace the HMI panel behind a VPN: Access to and from critical control system assets in the modern environment is usually LAN based, but still should be considered remote if the operator is traversing across different networks. virtual private networking (VPN) is often considered the best approach in securing trans-network communication."
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2022-2006",
    "datePublished": "2022-08-31T15:33:03.440Z",
    "dateReserved": "2022-06-06T00:00:00.000Z",
    "dateUpdated": "2025-04-16T17:49:35.105Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-2006\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2022-08-31T16:15:10.580\",\"lastModified\":\"2024-11-21T07:00:09.847\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;\"},{\"lang\":\"es\",\"value\":\"AutomationDirect DirectLOGIC presenta una vulnerabilidad de DLL en el directorio de instalaci\u00f3n que puede permitir a un atacante ejecutar c\u00f3digo durante el proceso de instalaci\u00f3n. Este problema afecta a: AutomationDirect C-more EA9 EA9-T6CL versiones anteriores a 6.73; EA9-T6CL-R versiones anteriores a 6.73; EA9-T7CL versiones anteriores a 6.73; EA9-T7CL-R versiones anteriores a 6.73; EA9-T8CL versiones anteriores a 6. 73; EA9-T10CL versiones anteriores a 6.73; EA9-T10WCL versiones anteriores a 6.73; EA9-T12CL versiones anteriores a 6.73; EA9-T15CL versiones anteriores a 6.73; EA9-RHMI versiones anteriores a 6.73; EA9-PGMSW versiones anteriores a 6.73;\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t6cl_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"5219FEAE-097C-489D-A1C3-7F23785FB052\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t6cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90ABFD5B-56A5-4C29-941C-B31674DC0246\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t6cl-r_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"5C251BA3-5294-44F1-9C6E-ED21386A282C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t6cl-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"913C69FB-CEE6-4C94-9B05-225C18A534BD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t7cl_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"61822593-36E3-49BD-AF41-E491C4E31F0C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t7cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02F18D5A-F9CC-406E-AD49-BE7024249323\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t7cl-r_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"510915F7-03CE-4A57-AD96-CF01894FF83B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t7cl-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5291AE73-AE02-4456-8003-06DCE502E90A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t8cl_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"1488B5F2-83EA-4CA7-ABE0-70C9B078396A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t8cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA9CF409-9A24-4959-9686-CEDA2B69B9BB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t10cl_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"904EF216-C2B5-49DF-B945-178620C7A2FA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t10cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A9895C6-97CD-46BB-B786-3B949D2F730F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t10wcl_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"25683BCF-5F17-40D2-BE2F-D6021C3EC80C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t10wcl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CD0E831-40A4-4553-A0AD-69E778CBF4A4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t12cl_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"66CB7C6E-2E3B-4F66-9E59-D394BBEF2C9C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t12cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"572C2BCC-86AA-4922-9864-44E5666FC921\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t15cl_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"FF663D37-0BA4-4838-96E5-BEF0801B8B41\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t15cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80619ADC-EE57-46EE-9F0C-0D3810A5AA98\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-t15cl-r_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"3749F3B8-FD08-41AB-B1DA-9BE1BD97ECBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-t15cl-r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEBF321B-7E79-4BF2-8EC9-78DF710B9247\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-rhmi_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"1E1F822D-D281-4DF0-BD1F-A90F5A2048CE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-rhmi:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ADD33CE-EA3E-475E-803C-B8569BA66120\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:automationdirect:c-more_ea9-pgmsw_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.73\",\"matchCriteriaId\":\"4C6590E0-AA99-45FD-A6F2-396A8A36288C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:automationdirect:c-more_ea9-pgmsw:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED568CF-8743-4A6D-B67D-93A9A797D596\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"C-more EA9\", \"vendor\": \"AutomationDirect\", \"versions\": [{\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T6CL\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T6CL-R\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T7CL\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T7CL-R\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T8CL\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T10CL\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T10WCL\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T12CL\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-T15CL\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-RHMI\", \"versionType\": \"custom\"}, {\"lessThan\": \"6.73\", \"status\": \"affected\", \"version\": \"EA9-PGMSW\", \"versionType\": \"custom\"}]}], \"credits\": [{\"lang\": \"en\", \"value\": \"Sam Hanson of Dragos reported this vulnerability to CISA.\"}], \"datePublic\": \"2022-06-16T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"LOCAL\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"REQUIRED\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-427\", \"description\": \"CWE-427 Uncontrolled Search Path Element\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2022-08-31T15:33:03.000Z\", \"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\"}, \"references\": [{\"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"AutomationDirect recommends users upgrade to firmware Version 6.73 or later, which supports TLS security options for the webserver.\\n\\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\\n\\nAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to Version 6.73 or later:\\n\\nThe Webserver feature can be disabled on the HMI using the programming software.\\nPlace the HMI panel behind a VPN: Access to and from critical control system assets in the modern environment is usually LAN based, but still should be considered remote if the operator is traversing across different networks. virtual private networking (VPN) is often considered the best approach in securing trans-network communication.\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"title\": \"AutomationDirect C-more EA9 HMI Uncontrolled Search Path Element\", \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"ics-cert@hq.dhs.gov\", \"DATE_PUBLIC\": \"2022-06-16T17:00:00.000Z\", \"ID\": \"CVE-2022-2006\", \"STATE\": \"PUBLIC\", \"TITLE\": \"AutomationDirect C-more EA9 HMI Uncontrolled Search Path Element\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"C-more EA9\", \"version\": {\"version_data\": [{\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T6CL\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T6CL-R\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T7CL\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T7CL-R\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T8CL\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T10CL\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T10WCL\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T12CL\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-T15CL\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-RHMI\", \"version_value\": \"6.73\"}, {\"version_affected\": \"\u003c\", \"version_name\": \"EA9-PGMSW\", \"version_value\": \"6.73\"}]}}]}, \"vendor_name\": \"AutomationDirect\"}]}}, \"credit\": [{\"lang\": \"eng\", \"value\": \"Sam Hanson of Dragos reported this vulnerability to CISA.\"}], \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;\"}]}, \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"impact\": {\"cvss\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"LOCAL\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"REQUIRED\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-427 Uncontrolled Search Path Element\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01\", \"refsource\": \"CONFIRM\", \"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01\"}]}, \"solution\": [{\"lang\": \"en\", \"value\": \"AutomationDirect recommends users upgrade to firmware Version 6.73 or later, which supports TLS security options for the webserver.\\n\\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\\n\\nAutomationDirect has identified the following mitigations for instances where systems cannot be upgraded to Version 6.73 or later:\\n\\nThe Webserver feature can be disabled on the HMI using the programming software.\\nPlace the HMI panel behind a VPN: Access to and from critical control system assets in the modern environment is usually LAN based, but still should be considered remote if the operator is traversing across different networks. virtual private networking (VPN) is often considered the best approach in securing trans-network communication.\"}], \"source\": {\"discovery\": \"UNKNOWN\"}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T00:24:44.035Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"], \"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-2006\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T17:27:48.143452Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T17:27:49.456Z\"}}]}",
      "cveMetadata": "{\"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"assignerShortName\": \"icscert\", \"cveId\": \"CVE-2022-2006\", \"datePublished\": \"2022-08-31T15:33:03.440Z\", \"dateReserved\": \"2022-06-06T00:00:00.000Z\", \"dateUpdated\": \"2025-04-16T17:49:35.105Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…