Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-22806 (GCVE-0-2022-22806)
Vulnerability from cvelistv5
Published
2022-03-09 19:30
Modified
2024-08-03 03:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-294 - Authentication Bypass by Capture-replay
Summary
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
References
| URL | Tags | ||
|---|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Schneider Electric | SmartConnect |
Version: SMT Series Version: SMC Series Version: SMTL Series Version: SCL Series Version: SMX Series |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:21:49.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SmartConnect ",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "SMT Series "
},
{
"status": "affected",
"version": "SMC Series"
},
{
"status": "affected",
"version": "SMTL Series"
},
{
"status": "affected",
"version": "SCL Series"
},
{
"status": "affected",
"version": "SMX Series"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294 Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-28T16:25:29",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-22806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SmartConnect ",
"version": {
"version_data": [
{
"version_value": "SMT Series "
},
{
"version_value": "SMC Series"
},
{
"version_value": "SMTL Series"
},
{
"version_value": "SCL Series"
},
{
"version_value": "SMX Series"
}
]
}
}
]
},
"vendor_name": "Schneider Electric"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-294 Authentication Bypass by Capture-replay"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2022-22806",
"datePublished": "2022-03-09T19:30:17",
"dateReserved": "2022-01-07T00:00:00",
"dateUpdated": "2024-08-03T03:21:49.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-22806\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2022-03-09T20:15:08.510\",\"lastModified\":\"2024-11-21T06:47:28.950\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)\"},{\"lang\":\"es\",\"value\":\"Una CWE-294: se presenta una vulnerabilidad de Omisi\u00f3n de la Autenticaci\u00f3n Mediante Captura-repetici\u00f3n que podr\u00eda causar una conexi\u00f3n no autenticada al SAI cuando se env\u00eda una conexi\u00f3n malformada. Producto afectado: Familia SmartConnect: Serie SMT (SMT Series ID=1015: UPS 04.5 y anteriores), Serie SMC (SMC Series ID=1018: UPS 04.2 y anteriores), Serie SMTL (SMTL Series ID=1026: UPS 02.9 y anteriores), Serie SCL (SCL Series ID=1029: UPS 02. 5 y anteriores / SCL Series ID=1030: UPS 02.5 y anteriores / SCL Series ID=1036: UPS 02.5 y anteriores / SCL Series ID=1037: UPS 03.1 y anteriores), SMX Series (SMX Series ID=1031: UPS 03.1 y anteriores)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-294\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-294\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:smt_series_1015_ups_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"04.5\",\"matchCriteriaId\":\"2C3EA55B-DB09-4124-A9D9-A92431C38D1F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:smt_series_1015_ups:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95C1E3D9-606B-4C57-A4E7-0A45C9D46332\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:smc_series_1018_ups_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"04.2\",\"matchCriteriaId\":\"FFE2D844-ED18-44D3-9E75-4BB3082E4B51\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:smc_series_1018_ups:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"154E788E-173C-4D16-A492-B61D39D420EF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:smtl_series_1026_ups_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"02.9\",\"matchCriteriaId\":\"AE693F05-B0A7-452D-94C6-D36E37ACF6CB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:smtl_series_1026_ups:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B138EB4-6264-4BFA-B4C7-4B23FFA676B1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:scl_series_1029_ups_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"02.5\",\"matchCriteriaId\":\"C2E0803A-637E-4BBA-B9D5-AB59EE122844\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:scl_series_1029_ups:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4175BEC7-DA4D-4E19-A642-A5FC13D3598E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:scl_series_1030_ups_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"02.5\",\"matchCriteriaId\":\"469F9813-DE0E-4752-91EB-FECC001C6825\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:scl_series_1030_ups:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8DC43CB-66C0-469B-AF87-0120D6280584\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:scl_series_1036_ups_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"02.5\",\"matchCriteriaId\":\"22E4C951-876D-46F7-8CF4-D943464E8338\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:scl_series_1036_ups:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FB7E0EB-AF6D-4107-B343-50309E9DF03E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:scl_series_1037_ups_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"03.1\",\"matchCriteriaId\":\"3E52A522-88D4-4B6A-83B4-C56C093C7F54\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:scl_series_1037_ups:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04C627CE-E3F8-4E3F-8B93-07C92AA21296\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:smx_series_1031_ups_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"03.1\",\"matchCriteriaId\":\"6251AE4E-FFED-4B0C-A90B-A3BD852A2ED8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:smx_series_1031_ups:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E1E7040-8123-483C-AE62-F190D83D0ADC\"}]}]}],\"references\":[{\"url\":\"https://www.se.com/ww/en/download/document/SEVD-2022-067-02/\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.se.com/ww/en/download/document/SEVD-2022-067-02/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
gsd-2022-22806
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-22806",
"description": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent.\n\nAffected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)",
"id": "GSD-2022-22806"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-22806"
],
"details": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)",
"id": "GSD-2022-22806",
"modified": "2023-12-13T01:19:29.457790Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-22806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SmartConnect ",
"version": {
"version_data": [
{
"version_value": "SMT Series "
},
{
"version_value": "SMC Series"
},
{
"version_value": "SMTL Series"
},
{
"version_value": "SCL Series"
},
{
"version_value": "SMX Series"
}
]
}
}
]
},
"vendor_name": "Schneider Electric"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-294 Authentication Bypass by Capture-replay"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:smt_series_1015_ups_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "04.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:smt_series_1015_ups:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:smc_series_1018_ups_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "04.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:smc_series_1018_ups:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:smtl_series_1026_ups_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "02.9",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:smtl_series_1026_ups:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:scl_series_1029_ups_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "02.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:scl_series_1029_ups:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:scl_series_1030_ups_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "02.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:scl_series_1030_ups:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:scl_series_1036_ups_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "02.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:scl_series_1036_ups:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:scl_series_1037_ups_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "03.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:scl_series_1037_ups:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:smx_series_1031_ups_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "03.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:smx_series_1031_ups:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-22806"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-05-12T20:42Z",
"publishedDate": "2022-03-09T20:15Z"
}
}
}
CERTFR-2022-AVI-215
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- EcoStruxure Control Expert versions antérieures à 15.1
- EcoStruxure Process Expert versions antérieures à 2021
- SCADAPack RemoteConnect for x70 toutes versions, se référer aux mesures de contournement proposées par l'éditeur
- Smart-UPS séries SMT micrologiciels versions antérieures à UPS 04.6 permettant une correction partielle de la vulnérabilité CVE-2022-0715 et une correction des vulnérabilités CVE-2022-22805 et CVE-2022-22806
- Smart-UPS séries SMC micrologiciels versions antérieures à UPS 04.3 permettant une correction partielle de la vulnérabilité CVE-2022-0715 et une correction des vulnérabilités CVE-2022-22805 et CVE-2022-22806
- Aucun correctif n'est disponible pour les séries Smart-UPS SCL, SMX et SRT ainsi que les séries SmartConnect SMTL, SCL, et SMX. Se référer aux mesures de contournement proposées par l'éditeur
- Ritto Wiser Door toutes versions, se référer aux mesures de contournement proposées par l'éditeur
Pour les vulnérabilités identifiées CVE-2021-22778, CVE-2021-22780, CVE-2021-22781, CVE-2021-22782 et CVE-2020-12525, la mise à niveau vers EcoStruxure Control Expert v15.1 et EcoStruxure Process Expert v2021 constitue une première étape de contournement. L'éditeur annoncera la publication d'un nouveau micrologiciel afin de corriger ces vulnérabilités.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eEcoStruxure Control Expert versions ant\u00e9rieures \u00e0 15.1\u003c/li\u003e \u003cli\u003eEcoStruxure Process Expert versions ant\u00e9rieures \u00e0 2021\u003c/li\u003e \u003cli\u003eSCADAPack RemoteConnect for x70 toutes versions, se r\u00e9f\u00e9rer aux mesures de contournement propos\u00e9es par l\u0027\u00e9diteur\u003c/li\u003e \u003cli\u003eSmart-UPS s\u00e9ries SMT micrologiciels versions ant\u00e9rieures \u00e0 UPS 04.6 permettant une correction partielle de la vuln\u00e9rabilit\u00e9 CVE-2022-0715 et une correction des vuln\u00e9rabilit\u00e9s CVE-2022-22805 et CVE-2022-22806\u003c/li\u003e \u003cli\u003eSmart-UPS s\u00e9ries SMC micrologiciels versions ant\u00e9rieures \u00e0 UPS 04.3 permettant une correction partielle de la vuln\u00e9rabilit\u00e9 CVE-2022-0715 et une correction des vuln\u00e9rabilit\u00e9s CVE-2022-22805 et CVE-2022-22806\u003c/li\u003e \u003cli\u003eAucun correctif n\u0027est disponible pour les s\u00e9ries Smart-UPS SCL, SMX et SRT ainsi que les s\u00e9ries SmartConnect SMTL, SCL, et SMX. Se r\u00e9f\u00e9rer aux mesures de contournement propos\u00e9es par l\u0027\u00e9diteur\u003c/li\u003e \u003cli\u003eRitto Wiser Door toutes versions, se r\u00e9f\u00e9rer aux mesures de contournement propos\u00e9es par l\u0027\u00e9diteur\u003c/li\u003e \u003c/ul\u003e \u003cp\u003ePour les vuln\u00e9rabilit\u00e9s identifi\u00e9es CVE-2021-22778, CVE-2021-22780, CVE-2021-22781, CVE-2021-22782 et CVE-2020-12525, la mise \u00e0 niveau vers EcoStruxure Control Expert v15.1 et EcoStruxure Process Expert v2021 constitue une premi\u00e8re \u00e9tape de contournement. L\u0027\u00e9diteur annoncera la publication d\u0027un nouveau micrologiciel afin de corriger ces vuln\u00e9rabilit\u00e9s.\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-24322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24322"
},
{
"name": "CVE-2021-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21814"
},
{
"name": "CVE-2021-34527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34527"
},
{
"name": "CVE-2021-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21830"
},
{
"name": "CVE-2021-22797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22797"
},
{
"name": "CVE-2021-22779",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22779"
},
{
"name": "CVE-2021-22781",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22781"
},
{
"name": "CVE-2021-22780",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22780"
},
{
"name": "CVE-2021-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21828"
},
{
"name": "CVE-2021-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21810"
},
{
"name": "CVE-2021-21813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21813"
},
{
"name": "CVE-2022-22806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22806"
},
{
"name": "CVE-2021-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21825"
},
{
"name": "CVE-2021-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21829"
},
{
"name": "CVE-2021-1675",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1675"
},
{
"name": "CVE-2021-22782",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22782"
},
{
"name": "CVE-2021-22778",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22778"
},
{
"name": "CVE-2022-0715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0715"
},
{
"name": "CVE-2021-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21826"
},
{
"name": "CVE-2021-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21812"
},
{
"name": "CVE-2021-21827",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21827"
},
{
"name": "CVE-2022-22805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22805"
},
{
"name": "CVE-2022-24323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24323"
},
{
"name": "CVE-2021-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21815"
},
{
"name": "CVE-2021-22783",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22783"
},
{
"name": "CVE-2021-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21811"
},
{
"name": "CVE-2020-12525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12525"
}
],
"initial_release_date": "2022-03-08T00:00:00",
"last_revision_date": "2022-03-08T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-215",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-067-02 du 8 mars 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-04 du 09 novembre 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-04"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-257-01 du 14 septembre 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-222-02 du 10 ao\u00fbt 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-067-01 du 8 mars 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-067-03 du 8 mars 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-03"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider 2021-194-01 du 13 juillet 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
}
]
}
CERTFR-2022-AVI-436
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- PowerLogic ION Setup versions antérieures à 3.2.22096.01
- Saitel DP RTU microgiciel versions Baseline_09.00.00 à Baseline_11.06.23 antérieures à BaseLine_11.06.24
- APC Smart-UPS SRC Series ID=1004: UPS versions 14.9 et antérieures
- APC Smart-UPS SRC Series ID=1006: UPS versions 14.9 et antérieures
- APC Smart-UPS SRC Series ID=1011: UPS versions 14.9 et antérieures
- APC Smart-UPS SRC Series ID=1033: UPS versions 00.3 et antérieures
- APC Smart-UPS XU Series SRC Series ID=1017: UPS versions 02.6 et antérieures
- SmartConnect séries SMTL, SCL, et SMX version du microgiciel antérieure à 15.0
- HMISCU Vijeo Designer versions antérieures à 6.2 SP12
- Easergy MiCOM P30 range modèles C434, P132, P139, P433, P435, P437, P532, P631, P632, P633, P634 et Px36/8 versions 660 à 674
- APC Rack Power Distribution Units (PDU) utilisant NMC2 AOS versions antérieures à 7.0.6
- APC Rack Power Distribution Units (PDU) utilisant NMC3 AOS versions antérieures à 1.2.0.2
- APC 3-Phase Power Distribution Products utilisant NMC2 AOS versions antérieures à 7.0.4
- Network Management Card 2 (NMC2) for InfraStruxure 150 kVA PDU with 84 Poles (X84P) versions antérieures à 7.0.4
- Network Management Card 2 for InfraStruxure 40/60kVA PDU (XPDU) versions antérieures à 7.0.4
- Network Management Card 2 for Modular 150/175kVA PDU (XRDP) versions antérieures à 7.0.4
- Network Management Card 2 for 400 and 500 kVA (PMM) versions antérieures à 7.0.4
- Network Management Card 2 for Modular PDU (XRDP2G) versions antérieures à 7.0.4
- Rack Automatic Transfer Switches (ATS) utilisant NMC2 AOS versions antérieures à 7.0.4
- Network Management Card 2 (NMC2) Cooling Products utilisant NMC2 AOS versions antérieures à 7.0.4
- Environmental Monitoring Unit with embedded NMC2 (NB250) utilisant NMC2 AOS versions antérieures à 7.0.4
- Network Management Card 2 (NMC2) versions antérieures à 7.0.4
- EcoStruxure Micro Data Center utilisant NMC2 AOS versions antérieures à 7.0.4
Les produits suivants ne sont plus supportés par l'éditeur :
- Wiser Smart EER21000 et EER21001 versions antérieures à 4.5
Les produits suivants ne bénéficient pas encore de correctif pour les vulnérabilités CVE-2022-22805, CVE-2022-22806 et CVE-2022-0715 :
- Smart-UPS séries SMT, SMC, SCL, SMX, SRT, SRC, XU, et SRTL
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003ePowerLogic ION Setup versions ant\u00e9rieures \u00e0 3.2.22096.01\u003c/li\u003e \u003cli\u003eSaitel DP RTU microgiciel versions Baseline_09.00.00 \u00e0 Baseline_11.06.23 ant\u00e9rieures \u00e0 BaseLine_11.06.24\u003c/li\u003e \u003cli\u003eAPC Smart-UPS SRC Series ID=1004: UPS versions 14.9 et ant\u00e9rieures\u003c/li\u003e \u003cli\u003eAPC Smart-UPS SRC Series ID=1006: UPS versions 14.9 et ant\u00e9rieures\u003c/li\u003e \u003cli\u003eAPC Smart-UPS SRC Series ID=1011: UPS versions 14.9 et ant\u00e9rieures\u003c/li\u003e \u003cli\u003eAPC Smart-UPS SRC Series ID=1033: UPS versions 00.3 et ant\u00e9rieures\u003c/li\u003e \u003cli\u003eAPC Smart-UPS XU Series SRC Series ID=1017: UPS versions 02.6 et ant\u00e9rieures\u003c/li\u003e \u003cli\u003eSmartConnect s\u00e9ries SMTL, SCL, et SMX version du microgiciel ant\u00e9rieure \u00e0 15.0\u003c/li\u003e \u003cli\u003eHMISCU Vijeo Designer versions ant\u00e9rieures \u00e0 6.2 SP12\u003c/li\u003e \u003cli\u003eEasergy MiCOM P30 range mod\u00e8les C434, P132, P139, P433, P435, P437, P532, P631, P632, P633, P634 et Px36/8 versions 660 \u00e0 674\u003c/li\u003e \u003cli\u003eAPC Rack Power Distribution Units (PDU) utilisant NMC2 AOS versions ant\u00e9rieures \u00e0 7.0.6\u003c/li\u003e \u003cli\u003eAPC Rack Power Distribution Units (PDU) utilisant NMC3 AOS versions ant\u00e9rieures \u00e0 1.2.0.2\u003c/li\u003e \u003cli\u003eAPC 3-Phase Power Distribution Products utilisant NMC2 AOS versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eNetwork Management Card 2 (NMC2) for InfraStruxure 150 kVA PDU with 84 Poles (X84P) versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eNetwork Management Card 2 for InfraStruxure 40/60kVA PDU (XPDU) versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eNetwork Management Card 2 for Modular 150/175kVA PDU (XRDP) versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eNetwork Management Card 2 for 400 and 500 kVA (PMM) versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eNetwork Management Card 2 for Modular PDU (XRDP2G) versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eRack Automatic Transfer Switches (ATS) utilisant NMC2 AOS versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eNetwork Management Card 2 (NMC2) Cooling Products utilisant NMC2 AOS versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eEnvironmental Monitoring Unit with embedded NMC2 (NB250) utilisant NMC2 AOS versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eNetwork Management Card 2 (NMC2) versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003cli\u003eEcoStruxure Micro Data Center utilisant NMC2 AOS versions ant\u00e9rieures \u00e0 7.0.4\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLes produits suivants ne sont plus support\u00e9s par l\u0027\u00e9diteur :\u003c/p\u003e \u003cul\u003e \u003cli\u003eWiser Smart EER21000 et EER21001 versions ant\u00e9rieures \u00e0 4.5\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLes produits suivants ne b\u00e9n\u00e9ficient pas encore de correctif pour les vuln\u00e9rabilit\u00e9s CVE-2022-22805, CVE-2022-22806 et CVE-2022-0715 :\u003c/p\u003e \u003cul\u003e \u003cli\u003eSmart-UPS s\u00e9ries SMT, SMC, SCL, SMX, SRT, SRC, XU, et SRTL\u003c/li\u003e \u003c/ul\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-30236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30236"
},
{
"name": "CVE-2021-22811",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22811"
},
{
"name": "CVE-2021-22813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22813"
},
{
"name": "CVE-2022-30233",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30233"
},
{
"name": "CVE-2022-30238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30238"
},
{
"name": "CVE-2022-6996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-6996"
},
{
"name": "CVE-2021-22810",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22810"
},
{
"name": "CVE-2021-22815",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22815"
},
{
"name": "CVE-2022-22806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22806"
},
{
"name": "CVE-2022-30234",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30234"
},
{
"name": "CVE-2022-0715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0715"
},
{
"name": "CVE-2021-22812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22812"
},
{
"name": "CVE-2022-30232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30232"
},
{
"name": "CVE-2020-6996",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6996"
},
{
"name": "CVE-2022-30235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30235"
},
{
"name": "CVE-2022-22805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22805"
},
{
"name": "CVE-2021-22814",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22814"
},
{
"name": "CVE-2022-30237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30237"
}
],
"initial_release_date": "2022-05-10T00:00:00",
"last_revision_date": "2022-08-22T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-436",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-10T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour des liens",
"revision_date": "2022-08-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-130-01 du 10 mai 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-130-01_PowerLogic_ION_Setup_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2022-130-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-130-02 du 10 mai 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-130-02_Saitel_DP_RTU_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2022-130-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-05 du 10 mai 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V7.0.pdf\u0026p_Doc_Ref=SEVD-2021-313-05"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-130-03 du 10 mai 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-130-03_WiserSmart_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2022-130-03"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-03 du 10 mai 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-313-03_APC_NMC_Security_Notification_V2.0.pdf\u0026p_Doc_Ref=SEVD-2021-313-03"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-067-02 du 10 mai 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-067-02_APC-Smart-UPS_Security_Notification_V6.0.pdf"
}
]
}
CERTFR-2022-AVI-546
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Schneider Electric | N/A | Schneider Electric C-Bus Network Automation Controller LSS5500SHAC versions antérieures à 1.11.0 | ||
| Schneider Electric | N/A | Clipsal C-Bus Network Automation Controller 5500SHAC versions antérieures à 1.11.0 | ||
| Schneider Electric | N/A | Conext ComBox toutes versions | ||
| Schneider Electric | N/A | SpaceLogic C-Bus Network Automation Controller 5500NAC2 versions antérieures à 1.11.0 | ||
| Schneider Electric | N/A | CanBRASS versions antérieures à 7.6 | ||
| Schneider Electric | N/A | StruxureWare Data Center Expert versions antérieures à 7.9.1 | ||
| N/A | N/A | EcoStruxure Power Commission versions antérieures à 2.22 | ||
| Schneider Electric | N/A | Smart-UPS SMT SMC, SMX, SRC, XU, XP, SURTD, CHS2 et SRTL Series toutes versions | ||
| Schneider Electric | N/A | EcoStruxure Cybersecurity Admin Expert (CAE) versions antérieures à 2.4 | ||
| Schneider Electric | N/A | IGSS Data Server versions antérieures à 15.0.0.22170 | ||
| Schneider Electric | N/A | Geo SCADA Mobile versions antérieures au Build 202205171 | ||
| Schneider Electric | N/A | Smart-UPS SRT Series versions antérieures à 15.0 | ||
| Schneider Electric | N/A | Schneider Electric C-Bus Network Automation Controller LSS5500NAC versions antérieures à 1.11.0 | ||
| Schneider Electric | N/A | EcoStruxure Power Build: Rapsody Software versions antérieures à 2.1.13 | ||
| Schneider Electric | N/A | EPC2000 versions antérieures à 4.03 | ||
| Schneider Electric | N/A | Versadac versions antérieures à 2.43 | ||
| Schneider Electric | N/A | Clipsal C-Bus Network Automation Controller 5500NAC versions antérieures à 1.11.0 | ||
| Schneider Electric | N/A | SCADAPack RemoteConnect pour x70 versions antérieures à R2.7.3 | ||
| Schneider Electric | N/A | SpaceLogic C-Bus Network Automation Controller 5500AC2 versions antérieures à 1.11.0 | ||
| Schneider Electric | N/A | Smart-UPS SCL Series versions antérieures à 15.1 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Schneider Electric C-Bus Network Automation Controller LSS5500SHAC versions ant\u00e9rieures \u00e0 1.11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Clipsal C-Bus Network Automation Controller 5500SHAC versions ant\u00e9rieures \u00e0 1.11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Conext ComBox toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "SpaceLogic C-Bus Network Automation Controller 5500NAC2 versions ant\u00e9rieures \u00e0 1.11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "CanBRASS versions ant\u00e9rieures \u00e0 7.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "StruxureWare Data Center Expert versions ant\u00e9rieures \u00e0 7.9.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Power Commission versions ant\u00e9rieures \u00e0 2.22",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Smart-UPS SMT SMC, SMX, SRC, XU, XP, SURTD, CHS2 et SRTL Series toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Cybersecurity Admin Expert (CAE) versions ant\u00e9rieures \u00e0 2.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "IGSS Data Server versions ant\u00e9rieures \u00e0 15.0.0.22170",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Geo SCADA Mobile versions ant\u00e9rieures au Build 202205171",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Smart-UPS SRT Series versions ant\u00e9rieures \u00e0 15.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Schneider Electric C-Bus Network Automation Controller LSS5500NAC versions ant\u00e9rieures \u00e0 1.11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Power Build: Rapsody Software versions ant\u00e9rieures \u00e0 2.1.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EPC2000 versions ant\u00e9rieures \u00e0 4.03",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Versadac versions ant\u00e9rieures \u00e0 2.43",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Clipsal C-Bus Network Automation Controller 5500NAC versions ant\u00e9rieures \u00e0 1.11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "SCADAPack RemoteConnect pour x70 versions ant\u00e9rieures \u00e0 R2.7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "SpaceLogic C-Bus Network Automation Controller 5500AC2 versions ant\u00e9rieures \u00e0 1.11.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Smart-UPS SCL Series versions ant\u00e9rieures \u00e0 15.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-32524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32524"
},
{
"name": "CVE-2022-24322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24322"
},
{
"name": "CVE-2022-22731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22731"
},
{
"name": "CVE-2022-32514",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32514"
},
{
"name": "CVE-2020-35198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35198"
},
{
"name": "CVE-2022-32517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32517"
},
{
"name": "CVE-2022-32526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32526"
},
{
"name": "CVE-2022-32530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32530"
},
{
"name": "CVE-2022-32748",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32748"
},
{
"name": "CVE-2022-22806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22806"
},
{
"name": "CVE-2022-32529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32529"
},
{
"name": "CVE-2022-32513",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32513"
},
{
"name": "CVE-2022-32747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32747"
},
{
"name": "CVE-2022-32523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32523"
},
{
"name": "CVE-2022-32528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32528"
},
{
"name": "CVE-2022-32516",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32516"
},
{
"name": "CVE-2022-32522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32522"
},
{
"name": "CVE-2022-32527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32527"
},
{
"name": "CVE-2022-32515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32515"
},
{
"name": "CVE-2021-22697",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22697"
},
{
"name": "CVE-2022-0715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0715"
},
{
"name": "CVE-2022-0223",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0223"
},
{
"name": "CVE-2022-32519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32519"
},
{
"name": "CVE-2022-22805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22805"
},
{
"name": "CVE-2022-24323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24323"
},
{
"name": "CVE-2022-32512",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32512"
},
{
"name": "CVE-2022-32518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32518"
},
{
"name": "CVE-2022-22732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22732"
},
{
"name": "CVE-2020-28895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28895"
},
{
"name": "CVE-2022-32520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32520"
},
{
"name": "CVE-2022-32525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32525"
},
{
"name": "CVE-2021-22698",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22698"
},
{
"name": "CVE-2022-32521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32521"
}
],
"initial_release_date": "2022-06-15T00:00:00",
"last_revision_date": "2022-08-19T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-546",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-15T00:00:00.000000"
},
{
"description": "Modification de la version des produits IGSS Data Server",
"revision_date": "2022-06-23T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour du lien du bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-067-02 du 08 mars 2022.",
"revision_date": "2022-08-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-067-02 du 08 mars 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-067-02_APC-Smart-UPS_Security_Notification_V6.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-165-07 du 14 juin 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-07_CanBRASS_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-165-06 du 14 juin 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-06_C-Bus_Home_Automation_Products_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-067-01 du 08 mars 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-067-01_EcoStruxure_Control_Expert_and_EcoStruxure_Process_Expert_Security_Notification_V2.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-165-02 du 14 juin 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-02_Geo_SCADA_Android_App_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-165-08 du 14 juin 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-08_Cybersecurity_Admin_Expert_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-012-02 du 12 janvier 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-012-02_EcoStruxure_Power_Build_Rapsody_Security_Notification_V2.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-165-04 du 14 juin 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-04_%20StruxureWare_Data_Center_Expert_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-165-01 du 14 juin 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-01_IGSS_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-165-05 du 14 juin 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-05_EcoStruxure_Power_Commission_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-05 du 09 novembre 2021",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-313-05_Badalloc_Vulnerabilities_Security_Notification_V8.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-165-03 du 14 juin 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-165-03_ConextCombox_Security_Notification.pdf"
}
]
}
CERTFR-2022-AVI-628
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Schneider Electric | N/A | SpaceLogic C-Bus Home Controller (5200WHC2), C-Bus Wiser Homer Controller MK2 versions antérieures à 4.14.0 (PICED_V4.14.0 Programming Interface for C-Bus Embedded Devices version V4.14.0) | ||
| Schneider Electric | N/A | X80 advanced RTU Communication Module (BMENOR2200H) versions antérieures à 2.01 | ||
| Schneider Electric | N/A | IGSS Data Server versions antérieures à 15.0.0.22074 | ||
| Schneider Electric | N/A | SCADAPack RemoteConnect for x70 versions antérieures à R2.7.3 | ||
| Schneider Electric | N/A | Micrologiciels Easergy P5 versions antérieures à 01.401.102 | ||
| Schneider Electric | N/A | Acti9 PowerTag Link C (A9XELC10-B) versions antérieures à 2.14.0 | ||
| Schneider Electric | N/A | OPC UA Modicon Communication Module (BMENUA0100) versions 1.10 et antérieures | ||
| Schneider Electric | N/A | Acti9 PowerTag Link C (A9XELC10-A) versions antérieures à 2.14.0 | ||
| Schneider Electric | N/A | EcoStruxure Machine Expert versions antérieures à 2.0.3 | ||
| Schneider Electric | N/A | Micrologiciels Smart-UPS SCL, SRT, SRC, & XU Series versions antérieures à 15.0 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SpaceLogic C-Bus Home Controller (5200WHC2), C-Bus Wiser Homer Controller MK2 versions ant\u00e9rieures \u00e0 4.14.0 (PICED_V4.14.0 Programming Interface for C-Bus Embedded Devices version V4.14.0)",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "X80 advanced RTU Communication Module (BMENOR2200H) versions ant\u00e9rieures \u00e0 2.01",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "IGSS Data Server versions ant\u00e9rieures \u00e0 15.0.0.22074",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "SCADAPack RemoteConnect for x70 versions ant\u00e9rieures \u00e0 R2.7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Micrologiciels Easergy P5 versions ant\u00e9rieures \u00e0 01.401.102",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Acti9 PowerTag Link C (A9XELC10-B) versions ant\u00e9rieures \u00e0 2.14.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "OPC UA Modicon Communication Module (BMENUA0100) versions 1.10 et ant\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Acti9 PowerTag Link C (A9XELC10-A) versions ant\u00e9rieures \u00e0 2.14.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "EcoStruxure Machine Expert versions ant\u00e9rieures \u00e0 2.0.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Micrologiciels Smart-UPS SCL, SRT, SRC, \u0026 XU Series versions ant\u00e9rieures \u00e0 15.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-2329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2329"
},
{
"name": "CVE-2021-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21814"
},
{
"name": "CVE-2021-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21869"
},
{
"name": "CVE-2022-34760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34760"
},
{
"name": "CVE-2021-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21830"
},
{
"name": "CVE-2021-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21866"
},
{
"name": "CVE-2021-22797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22797"
},
{
"name": "CVE-2022-34753",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34753"
},
{
"name": "CVE-2022-34762",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34762"
},
{
"name": "CVE-2022-34758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34758"
},
{
"name": "CVE-2021-22779",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22779"
},
{
"name": "CVE-2021-22781",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22781"
},
{
"name": "CVE-2021-22780",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22780"
},
{
"name": "CVE-2021-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21828"
},
{
"name": "CVE-2021-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21810"
},
{
"name": "CVE-2021-21813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21813"
},
{
"name": "CVE-2022-34761",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34761"
},
{
"name": "CVE-2022-22806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22806"
},
{
"name": "CVE-2021-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21825"
},
{
"name": "CVE-2022-34759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34759"
},
{
"name": "CVE-2022-34757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34757"
},
{
"name": "CVE-2021-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21829"
},
{
"name": "CVE-2021-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21863"
},
{
"name": "CVE-2022-34754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34754"
},
{
"name": "CVE-2021-22782",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22782"
},
{
"name": "CVE-2021-22778",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22778"
},
{
"name": "CVE-2022-34764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34764"
},
{
"name": "CVE-2022-0715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0715"
},
{
"name": "CVE-2021-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21865"
},
{
"name": "CVE-2022-34763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34763"
},
{
"name": "CVE-2021-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21867"
},
{
"name": "CVE-2022-34756",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34756"
},
{
"name": "CVE-2021-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21826"
},
{
"name": "CVE-2021-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21812"
},
{
"name": "CVE-2021-21827",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21827"
},
{
"name": "CVE-2022-22805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22805"
},
{
"name": "CVE-2022-26507",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26507"
},
{
"name": "CVE-2021-29241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29241"
},
{
"name": "CVE-2022-34765",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34765"
},
{
"name": "CVE-2021-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21815"
},
{
"name": "CVE-2021-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21811"
},
{
"name": "CVE-2020-12525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12525"
},
{
"name": "CVE-2021-29240",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29240"
},
{
"name": "CVE-2021-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21864"
},
{
"name": "CVE-2022-24324",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24324"
},
{
"name": "CVE-2021-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21868"
},
{
"name": "CVE-2021-33485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33485"
}
],
"initial_release_date": "2022-07-12T00:00:00",
"last_revision_date": "2022-08-22T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-628",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-12T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour des liens",
"revision_date": "2022-08-22T00:00:00.000000"
},
{
"description": "Mise \u00e0 jour des liens",
"revision_date": "2022-08-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-194-01 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-194-01_EcoStruxure_Control_Expert_Process_Expert_SCADAPack_RemoteConnect_Modicon_M580_M340_V4.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2022-193-02 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-193-02_SpaceLogic-C-Bus-Home-Controller-Wiser_MK2_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2022-193-01 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules_Security_Notification_V3.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2022-193-03 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-193-03_Acti9_PowerTag_Link_C_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2022-011-06 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-011-06_CODESYSV3_Runtime_Development_System_and_Gateway_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-257-01 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-257-01_EcoStruxure_Control_Expert_EcoStruxure_Process_Expert_SCADAPack_Security_Notification_V3.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2022-067-02 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-067-02_APC-Smart-UPS_Security_Notification_V6.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2022-102-01 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-102-01_IGSS_Security_Notification_V2.0.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2022-193-04 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-193-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-193-04_Easergy_P5_Security_Notification.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2021-222-02 du 12 juillet 2022",
"url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-222-02_AT%26T_Labs-XMILX_DEMILL_Eco_Struxure_Control_ExpertEco_Struxure_Process_Expert_SCADA_Pack_RemoteConnect_x70_Security_Notification_V4.0.pdf"
}
]
}
ghsa-hjcg-4h7x-vmj6
Vulnerability from github
Published
2022-03-10 00:00
Modified
2022-03-18 00:01
Severity ?
VLAI Severity ?
Details
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent.
Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
{
"affected": [],
"aliases": [
"CVE-2022-22806"
],
"database_specific": {
"cwe_ids": [
"CWE-294"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-09T20:15:00Z",
"severity": "CRITICAL"
},
"details": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent.\n\nAffected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)",
"id": "GHSA-hjcg-4h7x-vmj6",
"modified": "2022-03-18T00:01:28Z",
"published": "2022-03-10T00:00:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22806"
},
{
"type": "WEB",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-067-02"
},
{
"type": "WEB",
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
var-202203-0236
Vulnerability from variot
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior). Schneider Electric The product has Capture-replay An authentication bypass vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Schneider Electric APC Smart-UPS SMC Series, etc. are all products of the French Schneider Electric (Schneider Electric). The Schneider Electric APC Smart-UPS SMC Series is an entry-level UPS for single server, low-power networking, and point-of-sale (POS) devices. Schneider Electric APC Smart-UPS SMT Series is a line interactive power protection for servers, point of sale, routers, switches, hubs and other network equipment. Schneider Electric APC Smart-UPS SMX Series is an intelligent and efficient network power protection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-0236",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scl series 1037 ups",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "03.1"
},
{
"model": "scl series 1036 ups",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "02.5"
},
{
"model": "smx series 1031 ups",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "03.1"
},
{
"model": "scl series 1029 ups",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "02.5"
},
{
"model": "scl series 1030 ups",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "02.5"
},
{
"model": "smt series 1015 ups",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "04.5"
},
{
"model": "smtl series 1026 ups",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "02.9"
},
{
"model": "smc series 1018 ups",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "04.2"
},
{
"model": "scl \u30b7\u30ea\u30fc\u30ba 1030 ups",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "smt \u30b7\u30ea\u30fc\u30ba 1015 ups",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "scl \u30b7\u30ea\u30fc\u30ba 1029 ups",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "smtl \u30b7\u30ea\u30fc\u30ba 1026 ups",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "smc \u30b7\u30ea\u30fc\u30ba 1018 ups",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "scl \u30b7\u30ea\u30fc\u30ba 1036 ups",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "scl \u30b7\u30ea\u30fc\u30ba 1037 ups",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "smx \u30b7\u30ea\u30fc\u30ba 1031 ups",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric smt series id=1015 \u003c=ups",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "04.5"
},
{
"model": "electric smc series id=1018 \u003c=ups",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "04.2"
},
{
"model": "electric smtl series id=1026 \u003c=ups",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "02.9"
},
{
"model": "electric scl series id=1029 \u003c=ups",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "02.5"
},
{
"model": "electric scl series id=1037 \u003c=ups",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "03.1"
},
{
"model": "electric smx series id=1031 \u003c=ups",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "03.1"
},
{
"model": "electric scl series id=1030 \u003c=ups",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "02.5"
},
{
"model": "electric scl series id=1036 \u003c=ups",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "02.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"db": "NVD",
"id": "CVE-2022-22806"
}
]
},
"cve": "CVE-2022-22806",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2022-22806",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2022-18774",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-22806",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-22806",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-22806",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2022-22806",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2022-18774",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-811",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2022-22806",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"db": "VULMON",
"id": "CVE-2022-22806"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-811"
},
{
"db": "NVD",
"id": "CVE-2022-22806"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior). Schneider Electric The product has Capture-replay An authentication bypass vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Schneider Electric APC Smart-UPS SMC Series, etc. are all products of the French Schneider Electric (Schneider Electric). The Schneider Electric APC Smart-UPS SMC Series is an entry-level UPS for single server, low-power networking, and point-of-sale (POS) devices. Schneider Electric APC Smart-UPS SMT Series is a line interactive power protection for servers, point of sale, routers, switches, hubs and other network equipment. Schneider Electric APC Smart-UPS SMX Series is an intelligent and efficient network power protection",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22806"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"db": "VULMON",
"id": "CVE-2022-22806"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22806",
"trust": 3.9
},
{
"db": "SCHNEIDER",
"id": "SEVD-2022-067-02",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-006736",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-18774",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022030912",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-811",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-22806",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"db": "VULMON",
"id": "CVE-2022-22806"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-811"
},
{
"db": "NVD",
"id": "CVE-2022-22806"
}
]
},
"id": "VAR-202203-0236",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-18774"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-18774"
}
]
},
"last_update_date": "2024-11-23T22:10:53.310000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Authentication Bypass Vulnerabilities in Multiple Schneider Electric Products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/325176"
},
{
"title": "Schneider Electric Repair measures for multiple product authorization issues",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=185602"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2022/03/09/tlstorm_apc_ups_critical_zero_days/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"db": "VULMON",
"id": "CVE-2022-22806"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-811"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-294",
"trust": 1.0
},
{
"problemtype": "Capture-replay authentication evasion by (CWE-294) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"db": "NVD",
"id": "CVE-2022-22806"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.se.com/ww/en/download/document/sevd-2022-067-02/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22806"
},
{
"trust": 0.6,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2022-067-02"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022030912"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-22806/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/294.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2022/03/09/tlstorm_apc_ups_critical_zero_days/"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"db": "VULMON",
"id": "CVE-2022-22806"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-811"
},
{
"db": "NVD",
"id": "CVE-2022-22806"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"db": "VULMON",
"id": "CVE-2022-22806"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-811"
},
{
"db": "NVD",
"id": "CVE-2022-22806"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"date": "2022-03-09T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22806"
},
{
"date": "2023-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"date": "2022-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-811"
},
{
"date": "2022-03-09T20:15:08.510000",
"db": "NVD",
"id": "CVE-2022-22806"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-18774"
},
{
"date": "2022-05-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22806"
},
{
"date": "2023-07-07T08:28:00",
"db": "JVNDB",
"id": "JVNDB-2022-006736"
},
{
"date": "2022-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-811"
},
{
"date": "2024-11-21T06:47:28.950000",
"db": "NVD",
"id": "CVE-2022-22806"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-811"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Schneider\u00a0Electric\u00a0 In the product \u00a0Capture-replay\u00a0 Authentication Bypass Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-006736"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-811"
}
],
"trust": 0.6
}
}
fkie_cve-2022-22806
Vulnerability from fkie_nvd
Published
2022-03-09 20:15
Modified
2024-11-21 06:47
Severity ?
Summary
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| schneider-electric | smt_series_1015_ups_firmware | * | |
| schneider-electric | smt_series_1015_ups | - | |
| schneider-electric | smc_series_1018_ups_firmware | * | |
| schneider-electric | smc_series_1018_ups | - | |
| schneider-electric | smtl_series_1026_ups_firmware | * | |
| schneider-electric | smtl_series_1026_ups | - | |
| schneider-electric | scl_series_1029_ups_firmware | * | |
| schneider-electric | scl_series_1029_ups | - | |
| schneider-electric | scl_series_1030_ups_firmware | * | |
| schneider-electric | scl_series_1030_ups | - | |
| schneider-electric | scl_series_1036_ups_firmware | * | |
| schneider-electric | scl_series_1036_ups | - | |
| schneider-electric | scl_series_1037_ups_firmware | * | |
| schneider-electric | scl_series_1037_ups | - | |
| schneider-electric | smx_series_1031_ups_firmware | * | |
| schneider-electric | smx_series_1031_ups | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:smt_series_1015_ups_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3EA55B-DB09-4124-A9D9-A92431C38D1F",
"versionEndIncluding": "04.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:smt_series_1015_ups:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95C1E3D9-606B-4C57-A4E7-0A45C9D46332",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:smc_series_1018_ups_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE2D844-ED18-44D3-9E75-4BB3082E4B51",
"versionEndIncluding": "04.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:smc_series_1018_ups:-:*:*:*:*:*:*:*",
"matchCriteriaId": "154E788E-173C-4D16-A492-B61D39D420EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:smtl_series_1026_ups_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE693F05-B0A7-452D-94C6-D36E37ACF6CB",
"versionEndIncluding": "02.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:smtl_series_1026_ups:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B138EB4-6264-4BFA-B4C7-4B23FFA676B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:scl_series_1029_ups_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E0803A-637E-4BBA-B9D5-AB59EE122844",
"versionEndIncluding": "02.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:scl_series_1029_ups:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4175BEC7-DA4D-4E19-A642-A5FC13D3598E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:scl_series_1030_ups_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "469F9813-DE0E-4752-91EB-FECC001C6825",
"versionEndIncluding": "02.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:scl_series_1030_ups:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8DC43CB-66C0-469B-AF87-0120D6280584",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:scl_series_1036_ups_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22E4C951-876D-46F7-8CF4-D943464E8338",
"versionEndIncluding": "02.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:scl_series_1036_ups:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FB7E0EB-AF6D-4107-B343-50309E9DF03E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:scl_series_1037_ups_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E52A522-88D4-4B6A-83B4-C56C093C7F54",
"versionEndIncluding": "03.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:scl_series_1037_ups:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04C627CE-E3F8-4E3F-8B93-07C92AA21296",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:smx_series_1031_ups_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6251AE4E-FFED-4B0C-A90B-A3BD852A2ED8",
"versionEndIncluding": "03.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:smx_series_1031_ups:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E1E7040-8123-483C-AE62-F190D83D0ADC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)"
},
{
"lang": "es",
"value": "Una CWE-294: se presenta una vulnerabilidad de Omisi\u00f3n de la Autenticaci\u00f3n Mediante Captura-repetici\u00f3n que podr\u00eda causar una conexi\u00f3n no autenticada al SAI cuando se env\u00eda una conexi\u00f3n malformada. Producto afectado: Familia SmartConnect: Serie SMT (SMT Series ID=1015: UPS 04.5 y anteriores), Serie SMC (SMC Series ID=1018: UPS 04.2 y anteriores), Serie SMTL (SMTL Series ID=1026: UPS 02.9 y anteriores), Serie SCL (SCL Series ID=1029: UPS 02. 5 y anteriores / SCL Series ID=1030: UPS 02.5 y anteriores / SCL Series ID=1036: UPS 02.5 y anteriores / SCL Series ID=1037: UPS 03.1 y anteriores), SMX Series (SMX Series ID=1031: UPS 03.1 y anteriores)"
}
],
"id": "CVE-2022-22806",
"lastModified": "2024-11-21T06:47:28.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-09T20:15:08.510",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
cnvd-2022-18774
Vulnerability from cnvd
Title
Schneider Electric多款产品身份验证绕过漏洞
Description
Schneider Electric APC Smart-UPS SMC Series等都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric APC Smart-UPS SMC Series是一款适用于单台服务器、低功耗网络和销售点 (POS) 设备的入门级 UPS。Schneider Electric APC Smart-UPS SMT Series是一款服务器、销售点、路由器、交换机、集线器和其他网络设备的线路交互式电源保护。Schneider Electric APC Smart-UPS SMX Series是一款智能高效网络电源保护。
Schneider Electric多款产品存在身份验证绕过漏洞,攻击者可利用该漏洞在发送错误的连接时导致与不间断电源的未经验证的连接。
Severity
高
VLAI Severity ?
Patch Name
Schneider Electric多款产品身份验证绕过漏洞的补丁
Patch Description
Schneider Electric APC Smart-UPS SMC Series等都是法国施耐德电气(Schneider Electric)公司的产品。Schneider Electric APC Smart-UPS SMC Series是一款适用于单台服务器、低功耗网络和销售点 (POS) 设备的入门级 UPS。Schneider Electric APC Smart-UPS SMT Series是一款服务器、销售点、路由器、交换机、集线器和其他网络设备的线路交互式电源保护。Schneider Electric APC Smart-UPS SMX Series是一款智能高效网络电源保护。
Schneider Electric多款产品存在身份验证绕过漏洞,攻击者可利用该漏洞在发送错误的连接时导致与不间断电源的未经验证的连接。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://download.schneider-electric.com/files?p_File_Name=SEVD-2022-067-02_Smart-UPS_Security_Notification_CN.pdf
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-22806
Impacted products
| Name | ['Schneider Electric SMT Series ID=1015 <=UPS 04.5', 'Schneider Electric SMC Series ID=1018 <=UPS 04.2', 'Schneider Electric SMTL Series ID=1026 <=UPS 02.9', 'Schneider Electric SCL Series ID=1029 <=UPS 02.5', 'Schneider Electric SCL Series ID=1037 <=UPS 03.1', 'Schneider Electric SMX Series ID=1031 <=UPS 03.1', 'Schneider Electric SCL Series ID=1030 <=UPS 02.5', 'Schneider Electric SCL Series ID=1036 <=UPS 02.5'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2022-22806"
}
},
"description": "Schneider Electric APC Smart-UPS SMC Series\u7b49\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Schneider Electric APC Smart-UPS SMC Series\u662f\u4e00\u6b3e\u9002\u7528\u4e8e\u5355\u53f0\u670d\u52a1\u5668\u3001\u4f4e\u529f\u8017\u7f51\u7edc\u548c\u9500\u552e\u70b9 (POS) \u8bbe\u5907\u7684\u5165\u95e8\u7ea7 UPS\u3002Schneider Electric APC Smart-UPS SMT Series\u662f\u4e00\u6b3e\u670d\u52a1\u5668\u3001\u9500\u552e\u70b9\u3001\u8def\u7531\u5668\u3001\u4ea4\u6362\u673a\u3001\u96c6\u7ebf\u5668\u548c\u5176\u4ed6\u7f51\u7edc\u8bbe\u5907\u7684\u7ebf\u8def\u4ea4\u4e92\u5f0f\u7535\u6e90\u4fdd\u62a4\u3002Schneider Electric APC Smart-UPS SMX Series\u662f\u4e00\u6b3e\u667a\u80fd\u9ad8\u6548\u7f51\u7edc\u7535\u6e90\u4fdd\u62a4\u3002\n\nSchneider Electric\u591a\u6b3e\u4ea7\u54c1\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d1\u9001\u9519\u8bef\u7684\u8fde\u63a5\u65f6\u5bfc\u81f4\u4e0e\u4e0d\u95f4\u65ad\u7535\u6e90\u7684\u672a\u7ecf\u9a8c\u8bc1\u7684\u8fde\u63a5\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://download.schneider-electric.com/files?p_File_Name=SEVD-2022-067-02_Smart-UPS_Security_Notification_CN.pdf",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2022-18774",
"openTime": "2022-03-12",
"patchDescription": "Schneider Electric APC Smart-UPS SMC Series\u7b49\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Schneider Electric APC Smart-UPS SMC Series\u662f\u4e00\u6b3e\u9002\u7528\u4e8e\u5355\u53f0\u670d\u52a1\u5668\u3001\u4f4e\u529f\u8017\u7f51\u7edc\u548c\u9500\u552e\u70b9 (POS) \u8bbe\u5907\u7684\u5165\u95e8\u7ea7 UPS\u3002Schneider Electric APC Smart-UPS SMT Series\u662f\u4e00\u6b3e\u670d\u52a1\u5668\u3001\u9500\u552e\u70b9\u3001\u8def\u7531\u5668\u3001\u4ea4\u6362\u673a\u3001\u96c6\u7ebf\u5668\u548c\u5176\u4ed6\u7f51\u7edc\u8bbe\u5907\u7684\u7ebf\u8def\u4ea4\u4e92\u5f0f\u7535\u6e90\u4fdd\u62a4\u3002Schneider Electric APC Smart-UPS SMX Series\u662f\u4e00\u6b3e\u667a\u80fd\u9ad8\u6548\u7f51\u7edc\u7535\u6e90\u4fdd\u62a4\u3002\r\n\r\nSchneider Electric\u591a\u6b3e\u4ea7\u54c1\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d1\u9001\u9519\u8bef\u7684\u8fde\u63a5\u65f6\u5bfc\u81f4\u4e0e\u4e0d\u95f4\u65ad\u7535\u6e90\u7684\u672a\u7ecf\u9a8c\u8bc1\u7684\u8fde\u63a5\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Schneider Electric\u591a\u6b3e\u4ea7\u54c1\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Schneider Electric SMT Series ID=1015 \u003c=UPS 04.5",
"Schneider Electric SMC Series ID=1018 \u003c=UPS 04.2",
"Schneider Electric SMTL Series ID=1026 \u003c=UPS 02.9",
"Schneider Electric SCL Series ID=1029 \u003c=UPS 02.5",
"Schneider Electric SCL Series ID=1037 \u003c=UPS 03.1",
"Schneider Electric SMX Series ID=1031 \u003c=UPS 03.1",
"Schneider Electric SCL Series ID=1030 \u003c=UPS 02.5",
"Schneider Electric SCL Series ID=1036 \u003c=UPS 02.5"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-22806",
"serverity": "\u9ad8",
"submitTime": "2022-03-10",
"title": "Schneider Electric\u591a\u6b3e\u4ea7\u54c1\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…