CVE-2022-2967 - Vulnerability Details - OpenCVE

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Prosysopc	Ua Modbus Server Ua Simulation Server

Configuration 1 [-]

OR	cpe:2.3:a:prosysopc:ua_modbus_server::::::::
	cpe:2.3:a:prosysopc:ua_simulation_server::::::::

No data.

References

Link	Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01
https://www.prosysopc.com/blog/#Security

History

Thu, 16 Jan 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-01-03T21:24:21.098Z

Updated: 2025-01-16T22:03:17.067Z

Reserved: 2022-08-23T15:17:49.768Z

Link: CVE-2022-2967

Vulnrichment

Updated: 2024-08-03T00:53:00.627Z

NVD

Status : Modified

Published: 2023-01-03T22:15:11.757

Modified: 2024-11-21T07:02:00.250

Link: CVE-2022-2967

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-2967", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2022-08-23T15:17:49.768Z", "datePublished": "2023-01-03T21:24:21.098Z", "dateUpdated": "2025-01-16T22:03:17.067Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "UA Simulation Server", "vendor": "Prosys OPC", "versions": [{"lessThan": "5.3.0-64", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "UA Modbus Server", "vendor": "Prosys OPC", "versions": [{"lessThanOrEqual": "1.4.18-5", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Parvin Kumar, Dr. Sriharsha Etigowni, and Prof. Dongyan Xu of Purdue University West Lafayette reported this vulnerability to CISA."}], "datePublic": "2022-12-15T18:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}], "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-01-03T21:24:21.098Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"}, {"url": "https://www.prosysopc.com/blog/#Security"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Prosys has released updates for the following products:<br>\u2022 UA Simulation Server: Update to v5.4.0<br>\u2022 UA Modbus Server: Update to 1.4.20<br><br>"}], "value": "Prosys has released updates for the following products:\n\u2022 UA Simulation Server: Update to v5.4.0\n\u2022 UA Modbus Server: Update to 1.4.20\n\n"}], "source": {"advisory": "ICSA-22-349-01", "discovery": "EXTERNAL"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n<p>Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:</p>\n\n<ul><li>Restart the application after modifying user passwords.</li>\n</ul><p>For more information, users can refer to the Prosys OPC <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.prosysopc.com/blog/#Security\">security blog</a><span style=\"background-color: var(--wht);\">.</span></p>"}], "value": "Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:\n\n\n\n * Restart the application after modifying user passwords.\n\n\n\nFor more information, users can refer to the Prosys OPC security blog https://www.prosysopc.com/blog/#Security .\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:53:00.627Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01", "tags": ["x_transferred"]}, {"url": "https://www.prosysopc.com/blog/#Security", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-16T20:32:48.380253Z", "id": "CVE-2022-2967", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T22:03:17.067Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01", "tags": ["x_transferred"]}, {"url": "https://www.prosysopc.com/blog/#Security", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:53:00.627Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-2967", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-16T20:32:48.380253Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T20:32:49.756Z"}}], "cna": {"source": {"advisory": "ICSA-22-349-01", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Parvin Kumar, Dr. Sriharsha Etigowni, and Prof. Dongyan Xu of Purdue University West Lafayette reported this vulnerability to CISA."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Prosys OPC", "product": "UA Simulation Server", "versions": [{"status": "affected", "version": "0", "lessThan": "5.3.0-64", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Prosys OPC", "product": "UA Modbus Server", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.4.18-5"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Prosys has released updates for the following products:\n\u2022 UA Simulation Server: Update to v5.4.0\n\u2022 UA Modbus Server: Update to 1.4.20\n\n", "supportingMedia": [{"type": "text/html", "value": "Prosys has released updates for the following products:<br>\u2022 UA Simulation Server: Update to v5.4.0<br>\u2022 UA Modbus Server: Update to 1.4.20<br><br>", "base64": false}]}], "datePublic": "2022-12-15T18:00:00.000Z", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"}, {"url": "https://www.prosysopc.com/blog/#Security"}], "workarounds": [{"lang": "en", "value": "Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:\n\n\n\n * Restart the application after modifying user passwords.\n\n\n\nFor more information, users can refer to the Prosys OPC security blog https://www.prosysopc.com/blog/#Security .\n\n", "supportingMedia": [{"type": "text/html", "value": "\n<p>Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:</p>\n\n<ul><li>Restart the application after modifying user passwords.</li>\n</ul><p>For more information, users can refer to the Prosys OPC <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.prosysopc.com/blog/#Security\">security blog</a><span style=\"background-color: var(--wht);\">.</span></p>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.", "supportingMedia": [{"type": "text/html", "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-01-03T21:24:21.098Z"}}}, "cveMetadata": {"cveId": "CVE-2022-2967", "state": "PUBLISHED", "dateUpdated": "2025-01-16T22:03:17.067Z", "dateReserved": "2022-08-23T15:17:49.768Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2023-01-03T21:24:21.098Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:prosysopc:ua_modbus_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBD45F09-929C-4DFC-844D-3AC4E00F4F66", "versionEndExcluding": "1.4.20", "vulnerable": true}, {"criteria": "cpe:2.3:a:prosysopc:ua_simulation_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C7B35D9-620E-45A2-8717-91ACD9FFB3FD", "versionEndExcluding": "5.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}, {"lang": "es", "value": "La versi\u00f3n del servidor de simulaci\u00f3n Prosys OPC UA anterior a la v5.3.0-64 y las versiones del UA Modbus Server 1.4.18-5 y anteriores no protegen suficientemente las credenciales, lo que podr\u00eda permitir a un atacante obtener credenciales de usuario y acceder a los datos del sistema."}], "id": "CVE-2022-2967", "lastModified": "2024-11-21T07:02:00.250", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-03T22:15:11.757", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Vendor Advisory"], "url": "https://www.prosysopc.com/blog/#Security"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.prosysopc.com/blog/#Security"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}