CVE-2022-3388 - OpenCVE

An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Hitachienergy	Microscada Pro Sys600 Microscada X Sys600

Configuration 1 [-]

OR	cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:::::::*
	cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:::::::*
	cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:::::::*
	cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:::::::*
	cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:::::::*
	cpe:2.3:a:hitachienergy:microscada_x_sys600:10:::::::*
	cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:::::::*
	cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:::::::*
	cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:::::::*
	cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:::::::*
	cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:::::::*
	cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:::::::*
	cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:::::::*

References

Link	Resource
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123&LanguageCode=en&DocumentPartId=&Action=Launch&elqaid=4293&elqat=1	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner:

Published: 2022-11-21T00:00:00

Updated: 2023-10-19T04:28:13.552Z

Reserved: 2022-09-30T00:00:00

Link: CVE-2022-3388

JSON object: View

NVD Information

Status : Modified

Published: 2022-11-21T19:15:13.353

Modified: 2023-10-19T05:15:58.283

Link: CVE-2022-3388

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MicroSCADA Pro SYS600", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "9.0"}]}, {"defaultStatus": "unaffected", "product": "MicroSCADA X SYS600", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "10.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n\n\nAn input validation vulnerability exists in the Monitor Pro interface of MicroSCADA\nPro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.\n\n\n\n\n\n"}], "value": "\n\n\nAn input validation vulnerability exists in the Monitor Pro interface of MicroSCADA\nPro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.\n\n\n\n\n\n"}], "impacts": [{"capecId": "CAPEC-23", "descriptions": [{"lang": "en", "value": "CAPEC-23 File Content Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2023-10-19T04:28:13.552Z"}, "references": [{"name": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123&LanguageCode=en&DocumentPartId=&Action=Launch&elqaid=4293&elqat=1", "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123&LanguageCode=en&DocumentPartId=&Action=Launch&elqaid=4293&elqat=1"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "For SYS600 9.x: update to at SYS600 version SYS600 9.4 FP2 Hotfix 5 when it is released or upgrade to at least SYS600 version 10.4.1.<br>\n\nA requirement to install SYS600 9.4 FP2 Hotfix 5 is to have at least\nthe SYS600 9.4 FP2 Hotfix 4 installed.<br><br> \n\nCPE: <br>cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:*<br>\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:*\n\n<br>\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:*\n\n<br>\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:*\n\n<br>\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:*\n\n<br><br>"}], "value": "For SYS600 9.x: update to at SYS600 version SYS600 9.4 FP2\u00a0Hotfix 5 when it is released or upgrade to at least SYS600 version 10.4.1.\n\n\nA requirement to install SYS600 9.4 FP2 Hotfix 5 is to have at least\nthe SYS600 9.4 FP2 Hotfix 4 installed.\n\n \n\nCPE:\u00a0\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:*\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:*\n\n\n\n\ncpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:*\n\n\n\n"}, {"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nFor SYS600 10.x update to at least SYS600 version 10.4.1\nOr apply general mitigation factors.<br><br>\n\n\nCPE: <br>cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*<br>cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:*<br>cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:*<br>cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*<br>cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*<br>cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*<br>cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*<br>cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*<br><br>"}], "value": "\nFor SYS600 10.x update to at least SYS600 version 10.4.1\nOr apply general mitigation factors.\n\n\n\n\nCPE:\u00a0\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*\ncpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*\n\n"}], "source": {"advisory": "8DBD000123", "discovery": "INTERNAL"}, "title": "Input Validation Vulnerability in Hitachi Energy\u2019s MicroSCADA Pro/X SYS600 Products", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nRecommended security practices and firewall configurations can help protect a process control network from\nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and\nare separated from other networks by means of a firewall system that has a minimal number of ports exposed,\nand others that have to be evaluated case by case. Process control systems should not be used for Internet\nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system. Proper password policies and processes should be followed.\nWe recommend following the cybersecurity deployment guideline as follows: 1MRK511518 MicroSCADA X\nCyber Security Deployment Guideline.\n\n<br>"}], "value": "\nRecommended security practices and firewall configurations can help protect a process control network from\nattacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and\nare separated from other networks by means of a firewall system that has a minimal number of ports exposed,\nand others that have to be evaluated case by case. Process control systems should not be used for Internet\nsurfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be\u00a0carefully scanned for viruses before they are connected to a control system. Proper password policies and processes should be followed.\nWe recommend following the cybersecurity deployment guideline as follows: 1MRK511518 MicroSCADA X\nCyber Security Deployment Guideline.\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}, "cveMetadata": {"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "cveId": "CVE-2022-3388", "requesterUserId": "00000000-0000-4000-9000-000000000000", "serial": 1, "state": "PUBLISHED", "dateUpdated": "2023-10-19T04:28:13.552Z", "dateReserved": "2022-09-30T00:00:00", "datePublished": "2022-11-21T00:00:00"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "04AC7D20-659E-4844-A5A1-5B995FDB1B44", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A63E12C-E39C-420F-AEA2-377A60E03A28", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "FCD469ED-619F-4075-923A-8D6E15245831", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.3:*:*:*:*:*:*:*", "matchCriteriaId": "0577CAD7-1C5C-40D6-B20B-56F532642583", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_pro_sys600:9.4:*:*:*:*:*:*:*", "matchCriteriaId": "ECDCF4E1-FCCC-4984-AE92-3C188B469E63", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10:*:*:*:*:*:*:*", "matchCriteriaId": "606A7937-B800-4862-9B38-91E10BD54184", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "572594C5-7BDF-4555-954E-59AC83373E0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E9F9C6EE-D049-42E7-8843-9C732DCB1E49", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D603FC1-851F-49DD-931C-E74F142F6281", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8617D0B8-0516-4CA2-9CFA-B9B65D8E125F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "EC293ABD-343C-4DE1-BE14-E3033DE094AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "571AF4DB-6A32-49CF-B8E9-8224A084BE35", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:microscada_x_sys600:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "9E8462B2-9E02-414C-96DA-98C812089F56", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "\n\n\nAn input validation vulnerability exists in the Monitor Pro interface of MicroSCADA\nPro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.\n\n\n\n\n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de validaci\u00f3n de entrada en la interfaz Monitor Pro de MicroSCADA Pro y MicroSCADA X SYS600. Un usuario autenticado puede iniciar una ejecuci\u00f3n remota de c\u00f3digo a nivel de administrador independientemente de la funci\u00f3n del usuario autenticado."}], "id": "CVE-2022-3388", "lastModified": "2023-10-19T05:15:58.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2022-11-21T19:15:13.353", "references": [{"source": "cybersecurity@hitachienergy.com", "tags": ["Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000123&LanguageCode=en&DocumentPartId=&Action=Launch&elqaid=4293&elqat=1"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}