Sign-up

ID

VAR-202204-1280


CVE

CVE-2022-1118


TITLE

Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

Trust: 2.8

sources: ZDI: ZDI-22-589 // ZDI: ZDI-22-588 // ZDI: ZDI-22-587 // ZDI: ZDI-22-586

DESCRIPTION

Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 though v6.6.9), and Safety Instrumented System Workstation (v1.2 and prior (for Trusted Controllers)) do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in arbitrary code execution. This vulnerability requires user interaction to be successfully exploited. Rockwell Automation Provided by ISaGRAF Deserialization of untrusted data ( CWE-502 , CVE-2022-1118 ) Is vulnerable.By opening a specially crafted, malicious file, an attacker may be able to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of CCWARC files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process

Trust: 4.32

sources: NVD: CVE-2022-1118 // JVNDB: JVNDB-2022-001527 // ZDI: ZDI-22-589 // ZDI: ZDI-22-588 // ZDI: ZDI-22-587 // ZDI: ZDI-22-586 // VULHUB: VHN-418892 // VULMON: CVE-2022-1118

AFFECTED PRODUCTS

vendor:rockwell automationmodel:connected components workbenchscope: - version: -

Trust: 3.6

vendor:rockwellautomationmodel:isagraf workbenchscope:lteversion:6.6.9

Trust: 1.0

vendor:rockwellautomationmodel:isagraf workbenchscope:gteversion:6.0

Trust: 1.0

vendor:rockwellautomationmodel:connected component workbenchscope:lteversion:13.00.00

Trust: 1.0

vendor:rockwellautomationmodel:safety instrumented systems workstationscope:lteversion:1.2

Trust: 1.0

vendor:rockwell automationmodel:isagraf workbenchscope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:safety instrumented systems workstationscope:lteversion:v1.2 and earlier (trusted controller for )

Trust: 0.8

sources: ZDI: ZDI-22-589 // ZDI: ZDI-22-588 // ZDI: ZDI-22-587 // ZDI: ZDI-22-586 // JVNDB: JVNDB-2022-001527 // NVD: CVE-2022-1118

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2022-1118
value: HIGH

Trust: 2.8

nvd@nist.gov: CVE-2022-1118
value: HIGH

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2022-1118
value: HIGH

Trust: 1.0

NVD: CVE-2022-1118
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202204-2525
value: HIGH

Trust: 0.6

VULHUB: VHN-418892
value: MEDIUM

Trust: 0.1

VULMON: CVE-2022-1118
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-1118
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-418892
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ZDI: CVE-2022-1118
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 2.8

nvd@nist.gov: CVE-2022-1118
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ics-cert@hq.dhs.gov: CVE-2022-1118
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 6.0
version: 3.1

Trust: 1.0

OTHER: JVNDB-2022-001527
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: ZDI: ZDI-22-589 // ZDI: ZDI-22-588 // ZDI: ZDI-22-587 // ZDI: ZDI-22-586 // VULHUB: VHN-418892 // VULMON: CVE-2022-1118 // JVNDB: JVNDB-2022-001527 // CNNVD: CNNVD-202204-2525 // NVD: CVE-2022-1118 // NVD: CVE-2022-1118

PROBLEMTYPE DATA

problemtype:CWE-502

Trust: 1.1

problemtype:Deserialization of untrusted data (CWE-502) [ others ]

Trust: 0.8

sources: VULHUB: VHN-418892 // JVNDB: JVNDB-2022-001527 // NVD: CVE-2022-1118

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202204-2525

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202204-2525

PATCH

title:Rockwell Automation has issued an update to correct this vulnerability.url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01

Trust: 2.8

title:Connected Components Workbench 20.00.00 Rockwell Automationurl:https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112&mode=3&refSoft=1&versions=59954

Trust: 0.8

title:Rockwell Automation Connected Components Workbench Fixes for code issue vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=198460

Trust: 0.6

title:cve-2022-1118url:https://github.com/git-cve-updater/cve-2022-1118

Trust: 0.1

sources: ZDI: ZDI-22-589 // ZDI: ZDI-22-588 // ZDI: ZDI-22-587 // ZDI: ZDI-22-586 // VULMON: CVE-2022-1118 // JVNDB: JVNDB-2022-001527 // CNNVD: CNNVD-202204-2525

EXTERNAL IDS

db:NVDid:CVE-2022-1118

Trust: 6.2

db:ICS CERTid:ICSA-22-095-01

Trust: 2.6

db:ZDIid:ZDI-22-589

Trust: 1.4

db:JVNid:JVNVU99485677

Trust: 0.8

db:JVNDBid:JVNDB-2022-001527

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-15176

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-15175

Trust: 0.7

db:ZDIid:ZDI-22-588

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-15174

Trust: 0.7

db:ZDIid:ZDI-22-587

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-15173

Trust: 0.7

db:ZDIid:ZDI-22-586

Trust: 0.7

db:CS-HELPid:SB2022040601

Trust: 0.6

db:CNNVDid:CNNVD-202204-2525

Trust: 0.6

db:VULHUBid:VHN-418892

Trust: 0.1

db:VULMONid:CVE-2022-1118

Trust: 0.1

sources: ZDI: ZDI-22-589 // ZDI: ZDI-22-588 // ZDI: ZDI-22-587 // ZDI: ZDI-22-586 // VULHUB: VHN-418892 // VULMON: CVE-2022-1118 // JVNDB: JVNDB-2022-001527 // CNNVD: CNNVD-202204-2525 // NVD: CVE-2022-1118

REFERENCES

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-095-01

Trust: 5.5

url:https://jvn.jp/vu/jvnvu99485677/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-1118

Trust: 0.8

url:https://www.zerodayinitiative.com/advisories/zdi-22-589/

Trust: 0.7

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-095-01

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-1118/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022040601

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/502.html

Trust: 0.1

url:https://github.com/git-cve-updater/cve-2022-1118

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-22-589 // ZDI: ZDI-22-588 // ZDI: ZDI-22-587 // ZDI: ZDI-22-586 // VULHUB: VHN-418892 // VULMON: CVE-2022-1118 // JVNDB: JVNDB-2022-001527 // CNNVD: CNNVD-202204-2525 // NVD: CVE-2022-1118

CREDITS

kimiya

Trust: 2.8

sources: ZDI: ZDI-22-589 // ZDI: ZDI-22-588 // ZDI: ZDI-22-587 // ZDI: ZDI-22-586

SOURCES

db:ZDIid:ZDI-22-589
db:ZDIid:ZDI-22-588
db:ZDIid:ZDI-22-587
db:ZDIid:ZDI-22-586
db:VULHUBid:VHN-418892
db:VULMONid:CVE-2022-1118
db:JVNDBid:JVNDB-2022-001527
db:CNNVDid:CNNVD-202204-2525
db:NVDid:CVE-2022-1118

LAST UPDATE DATE

2024-11-23T22:29:01.209000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-589date:2022-04-08T00:00:00
db:ZDIid:ZDI-22-588date:2022-04-08T00:00:00
db:ZDIid:ZDI-22-587date:2022-04-08T00:00:00
db:ZDIid:ZDI-22-586date:2022-04-08T00:00:00
db:VULHUBid:VHN-418892date:2022-05-26T00:00:00
db:VULMONid:CVE-2022-1118date:2022-05-26T00:00:00
db:JVNDBid:JVNDB-2022-001527date:2024-06-18T08:48:00
db:CNNVDid:CNNVD-202204-2525date:2022-07-01T00:00:00
db:NVDid:CVE-2022-1118date:2024-11-21T06:40:05.017

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-589date:2022-04-08T00:00:00
db:ZDIid:ZDI-22-588date:2022-04-08T00:00:00
db:ZDIid:ZDI-22-587date:2022-04-08T00:00:00
db:ZDIid:ZDI-22-586date:2022-04-08T00:00:00
db:VULHUBid:VHN-418892date:2022-05-17T00:00:00
db:VULMONid:CVE-2022-1118date:2022-05-17T00:00:00
db:JVNDBid:JVNDB-2022-001527date:2022-04-07T00:00:00
db:CNNVDid:CNNVD-202204-2525date:2022-04-05T00:00:00
db:NVDid:CVE-2022-1118date:2022-05-17T20:15:08.173