CVE-2022-34762 - OpenCVE

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Schneider-electric	X80 Advanced Rtu Module Firmware Opc Ua Module For M580 Firmware X80 Advanced Rtu Module Opc Ua Module For M580

Configuration 1 [-]

AND

cpe:2.3:o:schneider-electric:opc_ua_module_for_m580_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:opc_ua_module_for_m580:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:schneider-electric:x80_advanced_rtu_module_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:x80_advanced_rtu_module:-:*:*:*:*:*:*:*

References

Link	Resource
https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules+_Security_Notification.pdf	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: schneider

Published: 2022-07-12T00:00:00

Updated: 2022-07-13T21:10:56

Reserved: 2022-06-28T00:00:00

Link: CVE-2022-34762

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-07-13T21:15:08.633

Modified: 2022-07-28T00:00:15.753

Link: CVE-2022-34762

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "OPC UA Modicon Communication Module", "vendor": "Schneider Electric", "versions": [{"lessThan": "V1.10", "status": "affected", "version": "BMENUA0100", "versionType": "custom"}]}, {"product": "X80 advanced RTU Communication Module", "vendor": "Schneider Electric", "versions": [{"lessThan": "BMENOR2200H*", "status": "affected", "version": "V2.01 ", "versionType": "custom"}]}], "datePublic": "2022-07-12T00:00:00", "descriptions": [{"lang": "en", "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-13T21:10:56", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules+_Security_Notification.pdf"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@schneider-electric.com", "DATE_PUBLIC": "2022-07-12T11:00:00.000Z", "ID": "CVE-2022-34762", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "OPC UA Modicon Communication Module", "version": {"version_data": [{"version_affected": "<", "version_name": "BMENUA0100", "version_value": "V1.10"}]}}, {"product_name": "X80 advanced RTU Communication Module", "version": {"version_data": [{"version_affected": ">", "version_name": "BMENOR2200H", "version_value": "V2.01 "}]}}]}, "vendor_name": "Schneider Electric"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules+_Security_Notification.pdf", "refsource": "MISC", "url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules+_Security_Notification.pdf"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2022-34762", "datePublished": "2022-07-12T00:00:00", "dateReserved": "2022-06-28T00:00:00", "dateUpdated": "2022-07-13T21:10:56", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:opc_ua_module_for_m580_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C0FE426-148B-4E23-8434-3E9A3F1943D2", "versionEndIncluding": "1.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:opc_ua_module_for_m580:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C43DE37-0241-4A43-B761-0A1F2D2684A3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:x80_advanced_rtu_module_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FA21E71-EF69-48C5-845B-44FA1D65DF20", "versionStartIncluding": "2.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:x80_advanced_rtu_module:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDD764FE-9165-41E9-9328-93A519CFDB99", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)"}, {"lang": "es", "value": "Una CWE-22: Se presenta una vulnerabilidad de Limitaci\u00f3n Inapropiada de un Nombre de Ruta a un Directorio Restringido (\"Salto de Ruta\") que podr\u00eda causar la carga no autorizada de im\u00e1genes de firmware cuando son a\u00f1adidas im\u00e1genes sin firmar a la ruta de im\u00e1genes de firmware. Productos afectados: X80 advanced RTU Communication Module (BMENOR2200H) (versiones V2.01 y posteriores), OPC UA Modicon Communication Module (BMENUA0100) (versiones V1.10 y anteriores)"}], "id": "CVE-2022-34762", "lastModified": "2022-07-28T00:00:15.753", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.2, "source": "cybersecurity@se.com", "type": "Secondary"}]}, "published": "2022-07-13T21:15:08.633", "references": [{"source": "cybersecurity@se.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules+_Security_Notification.pdf"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "cybersecurity@se.com", "type": "Primary"}]}