CVE-2022-47911 - Vulnerability Details - OpenCVE

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Sewio	Real-time Location System Studio

Configuration 1 [-]

cpe:2.3:a:sewio:real-time_location_system_studio:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01

History

Thu, 16 Jan 2025 22:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-01-18T00:47:02.611Z

Updated: 2025-01-16T21:59:38.724Z

Reserved: 2022-12-21T18:52:32.347Z

Link: CVE-2022-47911

Vulnrichment

Updated: 2024-08-03T15:02:36.575Z

NVD

Status : Modified

Published: 2023-01-18T01:15:13.040

Modified: 2024-11-21T07:32:31.320

Link: CVE-2022-47911

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-47911", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2022-12-21T18:52:32.347Z", "datePublished": "2023-01-18T00:47:02.611Z", "dateUpdated": "2025-01-16T21:59:38.724Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "RTLS Studio", "vendor": "Sewio", "versions": [{"lessThanOrEqual": "2.6.2", "status": "affected", "version": "2.0.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Andrea Palanca of Nozomi Networks"}], "datePublic": "2023-01-12T21:05:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Sewio\u2019s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.</p>"}], "value": "Sewio\u2019s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-01-18T00:47:02.611Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n<p>Sewio has provided the following updates and recommends that users update to the latest version: </p>\n\n<ul><li>RTLS Studio: Update to <a target=\"_blank\" rel=\"nofollow\" href=\"https://portal.sewio.net/login\">version 3.0.0 or later</a> (requires login)</li></ul>"}], "value": "Sewio has provided the following updates and recommends that users update to the latest version: \n\n\n\n * RTLS Studio: Update to version 3.0.0 or later https://portal.sewio.net/login \u00a0(requires login)\n\n\n"}], "source": {"discovery": "EXTERNAL"}, "title": "CVE-2022-47911", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n<p>Sewio also recommends the following workarounds to reduce the risk of exploitation: </p>\n\n<ul><li>Minimize network exposure for all control system devices and/or systems, and ensure they are <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01\">not accessible from the internet</a>. </li>\n\t<li>Locate control system networks and remote devices behind firewalls and isolate them from business networks. </li></ul>\n\n<br>"}], "value": "Sewio also recommends the following workarounds to reduce the risk of exploitation: \n\n\n\n * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 . \n\n\t * Locate control system networks and remote devices behind firewalls and isolate them from business networks. \n\n\n\n\n\n"}], "x_generator": {"engine": "VINCE 2.0.5", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2022-47911"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:02:36.575Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-16T20:32:13.976968Z", "id": "CVE-2022-47911", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T21:59:38.724Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:02:36.575Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-47911", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-16T20:32:13.976968Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T20:32:16.463Z"}}], "cna": {"title": "CVE-2022-47911", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Andrea Palanca of Nozomi Networks"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Sewio", "product": "RTLS Studio", "versions": [{"status": "affected", "version": "2.0.0", "versionType": "custom", "lessThanOrEqual": "2.6.2"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Sewio has provided the following updates and recommends that users update to the latest version: \n\n\n\n * RTLS Studio: Update to version 3.0.0 or later https://portal.sewio.net/login \u00a0(requires login)\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n<p>Sewio has provided the following updates and recommends that users update to the latest version: </p>\n\n<ul><li>RTLS Studio: Update to <a target=\"_blank\" rel=\"nofollow\" href=\"https://portal.sewio.net/login\">version 3.0.0 or later</a> (requires login)</li></ul>", "base64": false}]}], "datePublic": "2023-01-12T21:05:00.000Z", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01"}], "workarounds": [{"lang": "en", "value": "Sewio also recommends the following workarounds to reduce the risk of exploitation: \n\n\n\n * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 . \n\n\t * Locate control system networks and remote devices behind firewalls and isolate them from business networks. \n\n\n\n\n\n", "supportingMedia": [{"type": "text/html", "value": "\n<p>Sewio also recommends the following workarounds to reduce the risk of exploitation: </p>\n\n<ul><li>Minimize network exposure for all control system devices and/or systems, and ensure they are <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01\">not accessible from the internet</a>. </li>\n\t<li>Locate control system networks and remote devices behind firewalls and isolate them from business networks. </li></ul>\n\n<br>", "base64": false}]}], "x_generator": {"env": "prod", "engine": "VINCE 2.0.5", "origin": "https://cveawg.mitre.org/api/cve/CVE-2022-47911"}, "descriptions": [{"lang": "en", "value": "Sewio\u2019s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Sewio\u2019s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-01-18T00:47:02.611Z"}}}, "cveMetadata": {"cveId": "CVE-2022-47911", "state": "PUBLISHED", "dateUpdated": "2025-01-16T21:59:38.724Z", "dateReserved": "2022-12-21T18:52:32.347Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2023-01-18T00:47:02.611Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sewio:real-time_location_system_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BFF34E9-1653-45FC-B8F1-4A61931A0779", "versionEndIncluding": "2.6.2", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Sewio\u2019s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system commands.\n\n"}, {"lang": "es", "value": " El sistema de ubicaci\u00f3n en tiempo real (RTLS) Studio de Sewio, versi\u00f3n 2.0.0 hasta la versi\u00f3n 2.6.2 inclusive, no valida correctamente el nombre del m\u00f3dulo de entrada para los servicios de respaldo del software. Esto podr\u00eda permitir que un atacante remoto acceda a funciones confidenciales de la aplicaci\u00f3n y ejecute comandos arbitrarios del sistema."}], "id": "CVE-2022-47911", "lastModified": "2024-11-21T07:32:31.320", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-18T01:15:13.040", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}