VDE-2022-034

Vulnerability from csaf_trumpfsecokg - Published: 2022-08-15 10:00 - Updated: 2022-08-15 10:00
Summary
TRUMPF: Products prone to Unified Automation vulnerabilities
Notes
Summary: A number of TRUMPF software tools use the OPC UA Server in C++ based OPC UA SDK by Unified Automation. The application contains several vulnerabilities, which enable an attacker to send malicious data to the application, resulting in a Denial-of-Service.
Impact: The stated TRUMPF products are supplied with the Unified Automation OPC UA Server in versions that are known to contain a number of vulnerabilities. We can not confirm at this time whether the use of vulnerable OPC UA Server exposes our products to the risks described in the CVEs mentioned above. Nevertheless, TRUMPF offers updates for its products that contain the fixed versions provided by Unified Automation.
Remediation: Use the updated versions of the TRUMPF OPC UA server that will be available via MyTRUMPF.
CVE-2022-29862

An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Vendor Fix Use the updated versions of the TRUMPF OPC UA server that will be available via MyTRUMPF.
CVE-2022-29864

OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 - Uncontrolled Resource Consumption
Vendor Fix Use the updated versions of the TRUMPF OPC UA server that will be available via MyTRUMPF.
References
Acknowledgments
CERT@VDE certvde.com
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "A number of TRUMPF software tools use the OPC UA Server in C++ based OPC UA SDK by Unified Automation. The application contains several vulnerabilities, which enable an attacker to send malicious data to the application, resulting in a Denial-of-Service.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The stated TRUMPF products are supplied with the Unified Automation OPC UA Server in versions that are known to contain a number of vulnerabilities. We can not confirm at this time whether the use of vulnerable OPC UA Server exposes our products to the risks described in the CVEs mentioned above. Nevertheless, TRUMPF offers updates for its products that contain the fixed versions provided by Unified Automation.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Use the updated versions of the TRUMPF OPC UA server that will be available via MyTRUMPF.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "product.security@trumpf.com",
      "name": "Trumpf SE + Co. KG",
      "namespace": "https://www.trumpf.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2022-034: TRUMPF: Products prone to Unified Automation vulnerabilities - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2024-032/"
      },
      {
        "category": "self",
        "summary": "VDE-2022-034: TRUMPF: Products prone to Unified Automation vulnerabilities - CSAF",
        "url": "https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-034.json"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Trumpf SE + Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/trumpf/"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://www.trumpf.com"
      }
    ],
    "title": "TRUMPF: Products prone to Unified Automation vulnerabilities",
    "tracking": {
      "aliases": [
        "VDE-2022-034"
      ],
      "current_release_date": "2022-08-15T10:00:00.000Z",
      "generator": {
        "date": "2025-06-12T08:14:54.926Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.27"
        }
      },
      "id": "VDE-2022-034",
      "initial_release_date": "2022-08-15T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2022-08-15T10:00:00.000Z",
          "number": "1.0.0",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c6.3.2",
                    "product": {
                      "name": "MOS \u003c6.3.2",
                      "product_id": "CSAFPID-51001"
                    }
                  }
                ],
                "category": "product_name",
                "name": "MOS"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c2.5.0",
                    "product": {
                      "name": "OPC UA Proxy \u003c2.5.0",
                      "product_id": "CSAFPID-51002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "OPC UA Proxy"
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "TRUMPF"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ],
        "summary": "Affected products."
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-29862",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Use the updated versions of the TRUMPF OPC UA server that will be available via MyTRUMPF.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002"
          ]
        }
      ],
      "title": "CVE-2022-29862"
    },
    {
      "cve": "CVE-2022-29864",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "description",
          "text": "OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Use the updated versions of the TRUMPF OPC UA server that will be available via MyTRUMPF.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002"
          ]
        }
      ],
      "title": "CVE-2022-29864"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.