mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-19 17:32:41 +00:00
145 lines
7.1 KiB
JSON
145 lines
7.1 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "ics-cert@hq.dhs.gov",
|
|
"DATE_PUBLIC": "2022-06-16T17:00:00.000Z",
|
|
"ID": "CVE-2022-2003",
|
|
"STATE": "PUBLIC",
|
|
"TITLE": "AutomationDirect DirectLOGIC with Serial Communication Cleartext Transmission"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "DirectLOGIC D0-06 series CPUs",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06DD1",
|
|
"version_value": "2.72"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06DD2",
|
|
"version_value": "2.72"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06DR",
|
|
"version_value": "2.72"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06DA",
|
|
"version_value": "2.72"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06AR",
|
|
"version_value": "2.72"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06AA",
|
|
"version_value": "2.72"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06DD1-D",
|
|
"version_value": "2.72"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06DD2-D",
|
|
"version_value": "2.72"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "D0-06DR-D",
|
|
"version_value": "2.72"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "AutomationDirect"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"credit": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Sam Hanson of Dragos reported this vulnerability to CISA."
|
|
}
|
|
],
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect DirectLOGIC D0-06 series CPUs D0-06DD1 versions prior to 2.72; D0-06DD2 versions prior to 2.72; D0-06DR versions prior to 2.72; D0-06DA versions prior to 2.72; D0-06AR versions prior to 2.72; D0-06AA versions prior to 2.72; D0-06DD1-D versions prior to 2.72; D0-06DD2-D versions prior to 2.72; D0-06DR-D versions prior to 2.72;"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.0.9"
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "LOCAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 7.7,
|
|
"baseSeverity": "HIGH",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
|
|
"version": "3.1"
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-319 Cleartext Transmission of Sensitive Information"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-02",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-02"
|
|
},
|
|
{
|
|
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-03"
|
|
}
|
|
]
|
|
},
|
|
"solution": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "AutomationDirect recommends users upgrade to firmware Version 2.72 or later, which will no longer respond with the password when requested with the specially crafted message.\n\nAdditional mitigation for brute force password access has also been added. Three incorrect password entries will result in a 3-hour lock out of password entry. Power cycle will allow subsequent password attempts.\n\nWhile automation networks and systems have built-in password protection schemes, this is only one step in securing the affected systems. Automation control system networks must incorporate data protection and security measures at least as robust as a typical business computer system. AutomationDirect recommends users of PLCs, HMI products, and other SCADA system products perform independent network security analysis to determine the proper level of security required for the application.\n\nAutomationDirect has identified the specific mitigation actions listed below:\n\nSecure physical access.\nIsolate and air gap networks when possible.\nConsider some of the AutomationDirect newer PLC families."
|
|
}
|
|
],
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
}
|
|
} |