Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-24312 (GCVE-0-2022-24312)
Vulnerability from cvelistv5
Published
2022-02-09 22:04
Modified
2024-08-03 04:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
Summary
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
References
| URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) |
Version: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-12T02:06:26",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-24312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)",
"version": {
"version_data": [
{
"version_value": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01",
"refsource": "MISC",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2022-24312",
"datePublished": "2022-02-09T22:04:58",
"dateReserved": "2022-02-02T00:00:00",
"dateUpdated": "2024-08-03T04:07:02.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-24312\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2022-02-09T23:15:19.747\",\"lastModified\":\"2024-11-21T06:50:09.000\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)\"},{\"lang\":\"es\",\"value\":\"Una CWE-22: Se presenta una vulnerabilidad de Limitaci\u00f3n Inapropiada de un Nombre de Ruta a un Directorio Restringido que podr\u00eda causar la modificaci\u00f3n de un archivo existente al a\u00f1adir al final del archivo o crear un nuevo archivo en el contexto del Servidor de Datos que potencialmente conllevar\u00eda a una ejecuci\u00f3n de c\u00f3digo remota cuando un atacante env\u00eda un mensaje especialmente dise\u00f1ado. Producto afectado: Interactive Graphical SCADA System Data Server (versiones V15.0.0.22020 y anteriores)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schneider-electric:interactive_graphical_scada_system_data_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"15.0.0.22020\",\"matchCriteriaId\":\"6418CE35-66F8-4EA4-9C84-4396FF70C773\"}]}]}],\"references\":[{\"url\":\"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-321/\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-22-321/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
cnvd-2022-13068
Vulnerability from cnvd
Title
Schneider Electric Interactive Graphical SCADA System路径遍历漏洞(CNVD-2022-13068)
Description
Schneider Electric Interactive Graphical SCADA System(IGSS)是法国施耐德电气(Schneider Electric)公司的一套用于监控和控制工业过程的SCADA(数据采集与监控系统)系统。
Schneider Electric Interactive Graphical SCADA System存在路径遍历漏洞,攻击者可利用该漏洞创建一个新文件的上下文数据服务器导致远程代码执行。
Severity
高
VLAI Severity ?
Patch Name
Schneider Electric Interactive Graphical SCADA System路径遍历漏洞(CNVD-2022-13068)的补丁
Patch Description
Schneider Electric Interactive Graphical SCADA System(IGSS)是法国施耐德电气(Schneider Electric)公司的一套用于监控和控制工业过程的SCADA(数据采集与监控系统)系统。
Schneider Electric Interactive Graphical SCADA System存在路径遍历漏洞,攻击者可利用该漏洞创建一个新文件的上下文数据服务器导致远程代码执行。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01
Reference
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01
Impacted products
| Name | Schneider Electric Interactive Graphical SCADA System <=15.0.0.22020 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2022-24312",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-24312"
}
},
"description": "Schneider Electric Interactive Graphical SCADA System\uff08IGSS\uff09\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u76d1\u63a7\u548c\u63a7\u5236\u5de5\u4e1a\u8fc7\u7a0b\u7684SCADA\uff08\u6570\u636e\u91c7\u96c6\u4e0e\u76d1\u63a7\u7cfb\u7edf\uff09\u7cfb\u7edf\u3002\n\nSchneider Electric Interactive Graphical SCADA System\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u521b\u5efa\u4e00\u4e2a\u65b0\u6587\u4ef6\u7684\u4e0a\u4e0b\u6587\u6570\u636e\u670d\u52a1\u5668\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2022-13068",
"openTime": "2022-02-22",
"patchDescription": "Schneider Electric Interactive Graphical SCADA System\uff08IGSS\uff09\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u76d1\u63a7\u548c\u63a7\u5236\u5de5\u4e1a\u8fc7\u7a0b\u7684SCADA\uff08\u6570\u636e\u91c7\u96c6\u4e0e\u76d1\u63a7\u7cfb\u7edf\uff09\u7cfb\u7edf\u3002\r\n\r\nSchneider Electric Interactive Graphical SCADA System\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u521b\u5efa\u4e00\u4e2a\u65b0\u6587\u4ef6\u7684\u4e0a\u4e0b\u6587\u6570\u636e\u670d\u52a1\u5668\u5bfc\u81f4\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Schneider Electric Interactive Graphical SCADA System\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff08CNVD-2022-13068\uff09\u7684\u8865\u4e01",
"products": {
"product": "Schneider Electric Interactive Graphical SCADA System \u003c=15.0.0.22020"
},
"referenceLink": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01",
"serverity": "\u9ad8",
"submitTime": "2022-02-13",
"title": "Schneider Electric Interactive Graphical SCADA System\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff08CNVD-2022-13068\uff09"
}
icsa-22-046-01
Vulnerability from csaf_cisa
Published
2022-02-15 00:00
Modified
2022-02-15 00:00
Summary
Schneider Electric IGSS
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could result in a variety of issues, including disclosure of data and loss of control of the SCADA system with IGSS running in production mode.
Critical infrastructure sectors
Commercial Facilities, Critical Manufacturing, Energy
Countries/areas deployed
Worldwide
Company headquarters location
France
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Tenable",
"summary": "independently reporting to Schneider Electric and CISA by Tenable, and by Vyacheslav Moskvin working with Trend Micro \u0027s Zero Day Initiative"
},
{
"names": [
"Vyacheslav Moskvin"
],
"organization": "Trend Micro \u0027s Zero Day Initiative",
"summary": "independently reporting to Schneider Electric and CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could result in a variety of issues, including disclosure of data and loss of control of the SCADA system with IGSS running in production mode.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities, Critical Manufacturing, Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "France",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-046-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-046-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-046-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-046-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Schneider Electric IGSS",
"tracking": {
"current_release_date": "2022-02-15T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-046-01",
"initial_release_date": "2022-02-15T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-02-15T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-046-01 Schneider Electric IGSS"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 15.0.0.22020",
"product": {
"name": "IGSS Data Server (IGSSdataServer.exe): v15.0.0.22020 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "IGSS Data Server (IGSSdataServer.exe)"
}
],
"category": "vendor",
"name": "Schneider Electric Software, LLC"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24310",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages.CVE-2022-24310 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24310"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24311",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause modification of an existing file by inserting data at the beginning of the file or creating a new file in the context of the data server. This could potentially lead to remote code execution when an attacker sends a specially crafted message.CVE-2022-24311 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24311"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24312",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause modification of an existing file by adding data at the end of the file or creating a new file in the context of the data server. This could potentially lead to remote code execution when an attacker sends a specially crafted message.CVE-2022-24312 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24312"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24313",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message.CVE-2022-24313 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24313"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24314",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause memory leaks potentially resulting in denial of service when an attacker repeatedly sends a specially crafted message.CVE-2022-24314 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24314"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24315",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause denial of service when an attacker repeatedly sends a specially crafted message.CVE-2022-24315 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24315"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24316",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause information exposure when an attacker sends a specially crafted message.CVE-2022-24316 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24316"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24317",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause information exposure when an attacker sends a specific message.CVE-2022-24317 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24317"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
ICSA-22-046-01
Vulnerability from csaf_cisa
Published
2022-02-15 00:00
Modified
2022-02-15 00:00
Summary
Schneider Electric IGSS
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could result in a variety of issues, including disclosure of data and loss of control of the SCADA system with IGSS running in production mode.
Critical infrastructure sectors
Commercial Facilities, Critical Manufacturing, Energy
Countries/areas deployed
Worldwide
Company headquarters location
France
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Tenable",
"summary": "independently reporting to Schneider Electric and CISA by Tenable, and by Vyacheslav Moskvin working with Trend Micro \u0027s Zero Day Initiative"
},
{
"names": [
"Vyacheslav Moskvin"
],
"organization": "Trend Micro \u0027s Zero Day Initiative",
"summary": "independently reporting to Schneider Electric and CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could result in a variety of issues, including disclosure of data and loss of control of the SCADA system with IGSS running in production mode.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities, Critical Manufacturing, Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "France",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-046-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-046-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-046-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-046-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Schneider Electric IGSS",
"tracking": {
"current_release_date": "2022-02-15T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-046-01",
"initial_release_date": "2022-02-15T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-02-15T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-046-01 Schneider Electric IGSS"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 15.0.0.22020",
"product": {
"name": "IGSS Data Server (IGSSdataServer.exe): v15.0.0.22020 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "IGSS Data Server (IGSSdataServer.exe)"
}
],
"category": "vendor",
"name": "Schneider Electric Software, LLC"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24310",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages.CVE-2022-24310 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24310"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24311",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause modification of an existing file by inserting data at the beginning of the file or creating a new file in the context of the data server. This could potentially lead to remote code execution when an attacker sends a specially crafted message.CVE-2022-24311 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24311"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24312",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause modification of an existing file by adding data at the end of the file or creating a new file in the context of the data server. This could potentially lead to remote code execution when an attacker sends a specially crafted message.CVE-2022-24312 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24312"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24313",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message.CVE-2022-24313 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24313"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24314",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause memory leaks potentially resulting in denial of service when an attacker repeatedly sends a specially crafted message.CVE-2022-24314 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24314"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24315",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause denial of service when an attacker repeatedly sends a specially crafted message.CVE-2022-24315 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24315"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24316",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause information exposure when an attacker sends a specially crafted message.CVE-2022-24316 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24316"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-24317",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists that could cause information exposure when an attacker sends a specific message.CVE-2022-24317 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24317"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Version 15.0.0.22021 of IGSS Data Server includes corrections for these vulnerabilities and is available for download through IGSS Master \u003e Update IGSS Software.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://igss.schneider-electric.com/igss/igssupdates/v150/IGSSUPDATE.ZIP"
},
{
"category": "mitigation",
"details": "Schneider Electric recommends users use appropriate patching methodologies when applying these patches to their systems. They strongly recommend the use of back-ups and evaluating the impact of these patches in a test and development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center for assistance removing a patch.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.se.com/us/en/work/support/contacts.jsp"
},
{
"category": "mitigation",
"details": "If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Follow the general security recommendations below and verify devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the network.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never connect programming software to any network other than the network intended for that device.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc., before use in the terminals or any node connected to these networks.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Minimize network exposure for all control system devices and systems and ensure they are not accessible from the Internet.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "When remote access is required, use secure methods, such as virtual private networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "For more information see Schneider Electric\u0027s security notification: SEVD-2022-039-01",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
var-202202-0249
Vulnerability from variot
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior). (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Schneider Electric Interactive Graphical SCADA System (IGSS) is a set of SCADA (Data Acquisition and Supervisory Control System) systems used by Schneider Electric in France to monitor and control industrial processes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202202-0249",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "interactive graphical scada system data server",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "15.0.0.22020"
},
{
"model": "igss data server",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "igss data server",
"scope": "lte",
"trust": 0.8,
"vendor": "schneider electric",
"version": "15.0.0.22020 and earlier"
},
{
"model": "igss",
"scope": null,
"trust": 0.7,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric interactive graphical scada system",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=15.0.0.22020"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"db": "CNVD",
"id": "CNVD-2022-13068"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"db": "NVD",
"id": "CVE-2022-24312"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vyacheslav Moskvin",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-910"
}
],
"trust": 1.3
},
"cve": "CVE-2022-24312",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2022-24312",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-13068",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-24312",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-24312",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-24312",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-24312",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2022-24312",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2022-24312",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-13068",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202202-910",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"db": "CNVD",
"id": "CNVD-2022-13068"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-910"
},
{
"db": "NVD",
"id": "CVE-2022-24312"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior). (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by default. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Schneider Electric Interactive Graphical SCADA System (IGSS) is a set of SCADA (Data Acquisition and Supervisory Control System) systems used by Schneider Electric in France to monitor and control industrial processes",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-24312"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"db": "CNVD",
"id": "CNVD-2022-13068"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-24312",
"trust": 4.5
},
{
"db": "ZDI",
"id": "ZDI-22-321",
"trust": 3.1
},
{
"db": "SCHNEIDER",
"id": "SEVD-2022-039-01",
"trust": 2.2
},
{
"db": "ICS CERT",
"id": "ICSA-22-046-01",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU96061299",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005363",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-14943",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-13068",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0676",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021405",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202202-910",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"db": "CNVD",
"id": "CNVD-2022-13068"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-910"
},
{
"db": "NVD",
"id": "CVE-2022-24312"
}
]
},
"id": "VAR-202202-0249",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13068"
}
],
"trust": 1.3829545300000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-13068"
}
]
},
"last_update_date": "2024-11-23T21:50:42.583000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2022-039-01",
"trust": 0.8,
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"title": "",
"trust": 0.7,
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01https://www.cisa.gov/uscert/ics/advisories/icsa-22-046-01"
},
{
"title": "Patch for Schneider Electric Interactive Graphical SCADA System Path Traversal Vulnerability (CNVD-2022-13068)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/321191"
},
{
"title": "Schneider Electric Interactive Graphical SCADA System Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=181834"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"db": "CNVD",
"id": "CNVD-2022-13068"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-910"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"db": "NVD",
"id": "CVE-2022-24312"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-321/"
},
{
"trust": 2.2,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2022-039-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-24312"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96061299/"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-046-01"
},
{
"trust": 0.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2022-039-01https://www.cisa.gov/uscert/ics/advisories/icsa-22-046-01"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021405"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-046-01"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0676"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"db": "CNVD",
"id": "CNVD-2022-13068"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-910"
},
{
"db": "NVD",
"id": "CVE-2022-24312"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"db": "CNVD",
"id": "CNVD-2022-13068"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-910"
},
{
"db": "NVD",
"id": "CVE-2022-24312"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-11T00:00:00",
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"date": "2022-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-13068"
},
{
"date": "2023-05-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"date": "2022-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-910"
},
{
"date": "2022-02-09T23:15:19.747000",
"db": "NVD",
"id": "CVE-2022-24312"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-09-20T00:00:00",
"db": "ZDI",
"id": "ZDI-22-321"
},
{
"date": "2022-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-13068"
},
{
"date": "2023-05-30T01:42:00",
"db": "JVNDB",
"id": "JVNDB-2022-005363"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-910"
},
{
"date": "2024-11-21T06:50:09",
"db": "NVD",
"id": "CVE-2022-24312"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-910"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Interactive\u00a0Graphical\u00a0SCADA\u00a0System\u00a0Data\u00a0Server\u00a0 Past traversal vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005363"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-910"
}
],
"trust": 0.6
}
}
CERTFR-2022-AVI-123
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
IGSS Data Server versions antérieures à V15.0.0.22021
EcoStruxure EV Charging Expert versions antérieures à V4.0.0.13 SP8 (Version 01)
Easergy P40 Series model numbers avec option Ethernet (produit ayant le code Q, R, S)
spaceLYnk versions antérieures à 2.7.0
Wiser for KNX product versions antérieures à 2.7.0
fellerLYnk product versions antérieures à 2.7.0
EcoStruxure Geo SCADA Expert versions antérieures à 2021
ClearSCADA versions antérieures à 2017 R3 August 2021 Monthly Update.
Harmony/Magelis iPC Series sans le correctif fourni avec Vijeo Designer version V6.2 SP11 Multi HotFix 4
Vijeo Designer versions antérieures à V6.2 SP11 Multi HotFix 4
Vijeo Designer Basic versions antérieures à v1.2.1
M241/M251 toutes versions
EcoStruxure Machine Expert toutes versions
Harmony/Magelis modèles HMISTU, HMIGTO, HMIGTU, HMIGTUX, HMIGK, HMISCU
Eurotherm E+PLC100 toutes versions
Eurotherm E+PLC400 toutes versions
Eurotherm E+PLC tools toutes versions
Easy Harmony ET6 (HMIET) sans le correctif fourni avec Vijeo Designer Basic version V1.2.1
Easy Harmony GXU (HMIGXU) sans le correctif fourni avec Vijeo Designer Basic version V1.2.1
Harmony/ Magelis modèles HMIGTU, HMIGTUX, HMIGK sans le correctif fourni avec Vijeo Designer version V6.2 SP11 Multi HotFix 4
Modicon M241/M251 Logic Controllers versions antérieures à V5.1.9.34
Modicon M262 Logic Controllers versions antérieures à V5.1.6.1
Easergy MiCOM P30 versions 660 -674
Easergy MiCOM P40 toutes versions
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eIGSS Data Server versions ant\u00e9rieures \u00e0 V15.0.0.22021\u003cbr /\u003e EcoStruxure EV Charging Expert versions ant\u00e9rieures \u00e0 V4.0.0.13 SP8 (Version 01)\u003cbr /\u003e Easergy P40 Series model numbers avec option Ethernet (produit ayant le code Q, R, S)\u003cbr /\u003e spaceLYnk versions ant\u00e9rieures \u00e0 2.7.0\u003cbr /\u003e Wiser for KNX product versions ant\u00e9rieures \u00e0 2.7.0\u003cbr /\u003e fellerLYnk product versions ant\u00e9rieures \u00e0 2.7.0\u003cbr /\u003e EcoStruxure Geo SCADA Expert versions ant\u00e9rieures \u00e0 2021\u003cbr /\u003e ClearSCADA versions ant\u00e9rieures \u00e0 2017 R3 August 2021 Monthly Update.\u003cbr /\u003e Harmony/Magelis iPC Series sans le correctif fourni avec Vijeo Designer version V6.2 SP11 Multi HotFix 4\u003cbr /\u003e Vijeo Designer versions ant\u00e9rieures \u00e0 V6.2 SP11 Multi HotFix 4\u003cbr /\u003e Vijeo Designer Basic versions ant\u00e9rieures \u00e0 v1.2.1\u003cbr /\u003e M241/M251 toutes versions\u003cbr /\u003e EcoStruxure Machine Expert toutes versions\u003cbr /\u003e Harmony/Magelis mod\u00e8les HMISTU, HMIGTO, HMIGTU, HMIGTUX, HMIGK, HMISCU\u003cbr /\u003e Eurotherm E+PLC100 toutes versions\u003cbr /\u003e Eurotherm E+PLC400 toutes versions\u003cbr /\u003e Eurotherm E+PLC tools toutes versions\u003cbr /\u003e Easy Harmony ET6 (HMIET) sans le correctif fourni avec Vijeo Designer Basic version V1.2.1\u003cbr /\u003e Easy Harmony GXU (HMIGXU) sans le correctif fourni avec Vijeo Designer Basic version V1.2.1\u003cbr /\u003e Harmony/ Magelis mod\u00e8les HMIGTU, HMIGTUX, HMIGK sans le correctif fourni avec Vijeo Designer version V6.2 SP11 Multi HotFix 4\u003cbr /\u003e Modicon M241/M251 Logic Controllers versions ant\u00e9rieures \u00e0 V5.1.9.34\u003cbr /\u003e Modicon M262 Logic Controllers versions ant\u00e9rieures \u00e0 V5.1.6.1\u003cbr /\u003e Easergy MiCOM P30 versions 660 -674\u003cbr /\u003e Easergy MiCOM P40 toutes versions\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-22817",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22817"
},
{
"name": "CVE-2022-22812",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22812"
},
{
"name": "CVE-2022-24312",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24312"
},
{
"name": "CVE-2020-35198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35198"
},
{
"name": "CVE-2022-24316",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24316"
},
{
"name": "CVE-2022-24314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24314"
},
{
"name": "CVE-2022-24320",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24320"
},
{
"name": "CVE-2022-22811",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22811"
},
{
"name": "CVE-2022-24321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24321"
},
{
"name": "CVE-2022-22810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22810"
},
{
"name": "CVE-2022-24310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24310"
},
{
"name": "CVE-2022-24311",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24311"
},
{
"name": "CVE-2022-24318",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24318"
},
{
"name": "CVE-2022-22813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22813"
},
{
"name": "CVE-2022-24313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24313"
},
{
"name": "CVE-2022-24319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24319"
},
{
"name": "CVE-2022-24315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24315"
},
{
"name": "CVE-2022-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22809"
},
{
"name": "CVE-2022-22808",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22808"
},
{
"name": "CVE-2020-28895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28895"
},
{
"name": "CVE-2022-24317",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24317"
},
{
"name": "CVE-2021-29240",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29240"
},
{
"name": "CVE-2022-22807",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22807"
}
],
"initial_release_date": "2022-02-09T00:00:00",
"last_revision_date": "2022-02-09T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-123",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-039-01 du 08 f\u00e9vrier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-039-04 du 08 f\u00e9vrier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-04"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-313-05 du 09 novembre 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-05"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-039-05 du 08 f\u00e9vrier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-05"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-039-03 du 08 f\u00e9vrier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-03"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-039-06 du 08 f\u00e9vrier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-06"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2022-039-02 du 08 f\u00e9vrier 2022",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-02"
}
]
}
fkie_cve-2022-24312
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:50
Severity ?
Summary
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
References
| URL | Tags | ||
|---|---|---|---|
| cybersecurity@se.com | https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01 | Patch, Vendor Advisory | |
| cybersecurity@se.com | https://www.zerodayinitiative.com/advisories/ZDI-22-321/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-321/ | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| schneider-electric | interactive_graphical_scada_system_data_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:interactive_graphical_scada_system_data_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6418CE35-66F8-4EA4-9C84-4396FF70C773",
"versionEndIncluding": "15.0.0.22020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
},
{
"lang": "es",
"value": "Una CWE-22: Se presenta una vulnerabilidad de Limitaci\u00f3n Inapropiada de un Nombre de Ruta a un Directorio Restringido que podr\u00eda causar la modificaci\u00f3n de un archivo existente al a\u00f1adir al final del archivo o crear un nuevo archivo en el contexto del Servidor de Datos que potencialmente conllevar\u00eda a una ejecuci\u00f3n de c\u00f3digo remota cuando un atacante env\u00eda un mensaje especialmente dise\u00f1ado. Producto afectado: Interactive Graphical SCADA System Data Server (versiones V15.0.0.22020 y anteriores)"
}
],
"id": "CVE-2022-24312",
"lastModified": "2024-11-21T06:50:09.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:19.747",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "cybersecurity@se.com",
"type": "Primary"
}
]
}
ghsa-f2c9-3mf8-9p4q
Vulnerability from github
Published
2022-02-11 00:00
Modified
2022-02-18 00:00
VLAI Severity ?
Details
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
{
"affected": [],
"aliases": [
"CVE-2022-24312"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-09T23:15:00Z",
"severity": "CRITICAL"
},
"details": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)",
"id": "GHSA-f2c9-3mf8-9p4q",
"modified": "2022-02-18T00:00:58Z",
"published": "2022-02-11T00:00:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24312"
},
{
"type": "WEB",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-321"
}
],
"schema_version": "1.4.0",
"severity": []
}
gsd-2022-24312
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-24312",
"description": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)",
"id": "GSD-2022-24312"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-24312"
],
"details": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)",
"id": "GSD-2022-24312",
"modified": "2023-12-13T01:19:42.979933Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-24312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)",
"version": {
"version_data": [
{
"version_value": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01",
"refsource": "MISC",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:interactive_graphical_scada_system_data_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.0.0.22020",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-24312"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-321/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-02-17T03:49Z",
"publishedDate": "2022-02-09T23:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…