Multiple vulnerabilities in Emerson Proficy Machine Edition



Published: 2022-08-17
Risk: High
Patch available: NO
Number of vulnerabilities: 6
CVE-ID: CVE-2022-2793, CVE-2022-2792, CVE-2022-2791, CVE-2022-2790, CVE-2022-2789, CVE-2022-2788
CWE-ID: CWE-353, CWE-284, CWE-434, CWE-347, CWE-345, CWE-22
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Proficy Machine Edition (Server applications / Other server solutions)
Vendor: Emerson

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Missing Support for Integrity Check

EUVDB-ID: #VU66573

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-2793

CWE-ID: CWE-353 - Missing Support for Integrity Check

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to improper authentication or authorization of data packets after establishing a connection for the SRTP protocol. An attacker with physical access can bypass authentication on the target system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Proficy Machine Edition: 9.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-22-228-06


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper access control

EUVDB-ID: #VU66574

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-2792

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists because the affected application stores project data in a directory with improper access control lists. A local user can bypass implemented security restrictions and gain unauthorized access to the application.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Proficy Machine Edition: 9.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-22-228-06


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Arbitrary file upload

EUVDB-ID: #VU66576

Risk: Low

CVSSv3.1: 7.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-2791

CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type

Exploit availability: No

Description

The vulnerability allows a local user to compromise the vulnerable system.

The vulnerability exists because the affected application uploads any file written into the PLC logic folder to the connected PLC. A local user can upload a malicious file and execute it on the server.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Proficy Machine Edition: 9.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-22-228-06


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU66577

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-2790

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists because the affected application does not properly verify compiled logic (PDT files) and data block data (BLD/BLK files). A local user can bypass authentication on the target system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Proficy Machine Edition: 9.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-22-228-06


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Insufficient verification of data authenticity

EUVDB-ID: #VU66578

Risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-2789

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists because the affected product can display logic that is different from the compiled logic. A local attacker can bypass authentication on the target system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Proficy Machine Edition: 9.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-22-228-06


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Path traversal

EUVDB-ID: #VU66579

Risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-2788

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to an input validation error when processing directory traversal sequences. A remote attacker can perform a ZipSlip attack through an upload procedure and execute arbitrary code on the target system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Proficy Machine Edition: 9.80

External links

http://ics-cert.us-cert.gov/advisories/icsa-22-228-06


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


