admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-303xx/CVE-2022-30314.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

101 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-30314",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-28T16:15:10.857",
"lastModified": "2022-08-05T22:29:00.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The Honeywell Experion PKS Safety Manager utilizes the DCOM-232/485 serial interface for firmware management purposes. When booting, the Safety Manager exposes the Enea POLO bootloader via this interface. Access to the boot configuration is controlled by means of credentials hardcoded in the Safety Manager firmware. The credentials for the bootloader are hardcoded in the firmware. An attacker with access to the serial interface (either through physical access, a compromised EWS or an exposed serial-to-ethernet gateway) can utilize these credentials to control the boot process and manipulate the unauthenticated firmware image (see FSCT-2022-0054)."
},
{
"lang": "es",
"value": "Honeywell Experion PKS Safety Manager versi\u00f3n 5.02, usa credenciales embebidas. Seg\u00fan FSCT-2022-0052, se presenta un problema de credenciales embebidas de Honeywell Experion PKS Safety Manager. Los componentes afectados son caracterizados como: POLO bootloader. El impacto potencial es: Manipular el firmware. El Safety Manager de Honeywell Experion PKS usa la interfaz serie DCOM-232/485 para la administraci\u00f3n del firmware. Cuando arranca, el Safety Manager expone el bootloader Enea POLO por medio de esta interfaz. El acceso a la configuraci\u00f3n de arranque es controlada mediante credenciales embebidas en el firmware del Safety Manager. Las credenciales para el cargador de arranque est\u00e1n embebidas en el firmware. Un atacante con acceso a la interfaz serie (ya sea mediante un acceso f\u00edsico, un EWS comprometido o una puerta de enlace serie-ethernet expuesta) puede usar estas credenciales para controlar el proceso de arranque y manipular la imagen de firmware no autenticada (ver FSCT-2022-0054)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:safety_manager_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "r160.1",
"matchCriteriaId": "42733462-A847-489A-AC0A-411E5F93E4D9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:honeywell:safety_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6B8510-74F7-4B1F-A59A-0FC4261DFE90"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-02",
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.forescout.com/blog/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink