CVE-2022-30269 - Vulnerability Details - OpenCVE

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Motorola	Ace1000 Ace1000 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:motorola:ace1000_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:motorola:ace1000:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06
https://www.forescout.com/blog/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-07-26T22:11:30

Updated: 2024-08-03T06:48:34.866Z

Reserved: 2022-05-04T00:00:00

Link: CVE-2022-30269

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-07-26T23:15:08.097

Modified: 2024-11-21T07:02:27.923

Link: CVE-2022-30269

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-07-26T22:11:30", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.forescout.com/blog/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-30269", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.forescout.com/blog/", "refsource": "MISC", "url": "https://www.forescout.com/blog/"}, {"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06", "refsource": "MISC", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:48:34.866Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.forescout.com/blog/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-30269", "datePublished": "2022-07-26T22:11:30", "dateReserved": "2022-05-04T00:00:00", "dateUpdated": "2024-08-03T06:48:34.866Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:motorola:ace1000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D94120E5-38DE-44EF-B1D6-C418DC816D25", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:motorola:ace1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D16356CC-9056-4675-8DBE-EF395A5529E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks."}, {"lang": "es", "value": "Motorola ACE1000 RTUs versiones hasta 02-05-2022, manejan inapropiadamente la integridad de las aplicaciones. Permiten la instalaci\u00f3n de aplicaciones personalizadas por medio del software STS, el kit de herramientas C o el ACE1000 Easy Configurator. En el caso del Easy Configurator, las im\u00e1genes de las aplicaciones (como archivos PLX/DAT/APP/CRC) son cargadas por medio de la Interfaz de Usuario Web. En el caso del kit de herramientas C, son transferidas e instaladas mediante SFTP/SSH. En cada caso, las im\u00e1genes de la aplicaci\u00f3n no ten\u00edan autenticaci\u00f3n (en forma de firma de firmware) y s\u00f3lo eran basadas en sumas de comprobaci\u00f3n no seguras para las comprobaciones de integridad peri\u00f3dicas"}], "id": "CVE-2022-30269", "lastModified": "2024-11-21T07:02:27.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-26T23:15:08.097", "references": [{"source": "cve@mitre.org", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://www.forescout.com/blog/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "https://www.forescout.com/blog/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-345"}], "source": "nvd@nist.gov", "type": "Primary"}]}