CVE-2022-4332 - OpenCVE

In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device.

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Sprecher-automation	Sprecon-e-p Ds6-0 Firmware Sprecon-e-p Dl6-1 Firmware Sprecon-e-c Firmware Sprecon-e-tc Ax-3110 Firmware Sprecon-e-t3 Sprecon-e-c Sprecon-e-tc Ax-3110 Sprecon-e-t3 Firmware Sprecon-e-p Dq6-1 Firmware Sprecon-e-p Ds6-0 Sprecon-e-p Dq6-1 Sprecon-e-p Dl6-1

Configuration 1 [-]

AND

cpe:2.3:o:sprecher-automation:sprecon-e-p_dq6-1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sprecher-automation:sprecon-e-p_dq6-1:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:sprecher-automation:sprecon-e-p_dl6-1_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sprecher-automation:sprecon-e-p_dl6-1:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:sprecher-automation:sprecon-e-p_ds6-0_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sprecher-automation:sprecon-e-p_ds6-0:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:sprecher-automation:sprecon-e-c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sprecher-automation:sprecon-e-c:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:sprecher-automation:sprecon-e-t3_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sprecher-automation:sprecon-e-t3:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:sprecher-automation:sprecon-e-tc_ax-3110_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sprecher-automation:sprecon-e-tc_ax-3110:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/2022-12_Advisories.pdf	Mitigation Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2023-06-01T05:36:28.688Z

Updated: 2023-06-01T05:36:28.688Z

Reserved: 2022-12-07T11:22:36.781Z

Link: CVE-2022-4332

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-06-01T06:15:09.877

Modified: 2023-06-09T15:51:18.877

Link: CVE-2022-4332

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-4332", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2022-12-07T11:22:36.781Z", "datePublished": "2023-06-01T05:36:28.688Z", "dateUpdated": "2023-06-01T05:36:28.688Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SPRECON-E-C/P/T3 CPU PU244x", "vendor": "Sprecher Automation", "versions": [{"status": "affected", "version": "all"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device."}], "value": "In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a\u00a0vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device."}], "impacts": [{"capecId": "CAPEC-533", "descriptions": [{"lang": "en", "value": "CAPEC-533 Malicious Manual Software Update"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2023-06-01T05:36:28.688Z"}, "references": [{"url": "https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/2022-12_Advisories.pdf"}], "source": {"defect": ["CERT@VDE#64323"], "discovery": "UNKNOWN"}, "title": "Sprecher: Vulnerable firmware verification", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sprecher-automation:sprecon-e-p_dq6-1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8CA59F65-3A20-4E7F-A888-224521DCDAFF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sprecher-automation:sprecon-e-p_dq6-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "664F4B0C-7EEE-4AAA-9C87-EA6FDAB9B10C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sprecher-automation:sprecon-e-p_dl6-1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "45E23CA6-0DA8-451E-A0A8-48FD794963D9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sprecher-automation:sprecon-e-p_dl6-1:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD753ACD-77BF-4F2D-AA06-5083082F9C00", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sprecher-automation:sprecon-e-p_ds6-0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7A8BB9E-BF76-475E-8A75-FC6517D07C71", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sprecher-automation:sprecon-e-p_ds6-0:-:*:*:*:*:*:*:*", "matchCriteriaId": "59815159-1AF0-4E23-94B1-040312259591", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sprecher-automation:sprecon-e-c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9DF00EFE-05D9-48D1-9D32-B0E4E40D14F3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sprecher-automation:sprecon-e-c:-:*:*:*:*:*:*:*", "matchCriteriaId": "7DE018DD-422E-441D-8096-0AA6DC308A2A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sprecher-automation:sprecon-e-t3_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0BDEAF2-092F-413D-9D16-AAFA484D13AB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sprecher-automation:sprecon-e-t3:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3D74929-4546-441B-8D8D-3E9F0FA7EE7E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sprecher-automation:sprecon-e-tc_ax-3110_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BAA3CF3D-B264-4929-BE7D-97E6415D5208", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sprecher-automation:sprecon-e-tc_ax-3110:-:*:*:*:*:*:*:*", "matchCriteriaId": "994140F8-2E5C-4CAB-8721-D91F66BCB109", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a\u00a0vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device."}], "id": "CVE-2022-4332", "lastModified": "2023-06-09T15:51:18.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "info@cert.vde.com", "type": "Primary"}]}, "published": "2023-06-01T06:15:09.877", "references": [{"source": "info@cert.vde.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/2022-12_Advisories.pdf"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "info@cert.vde.com", "type": "Secondary"}]}