Details of VAR-202207-1223

ID

VAR-202207-1223

CVE

CVE-2022-35871

TITLE

Inductive Automation Ignition Access Control Error Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2024-48768 // CNNVD: CNNVD-202207-1494

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not required to exploit this vulnerability. The specific flaw exists within the authenticateAdSso method. The issue results from the lack of authentication prior to allowing the execution of python code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17206. Inductive Automation of Ignition There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Inductive Automation Ignition‌ is a comprehensive platform for industrial automation that provides scalable solutions for monitoring, control, data collection, and analysis

Trust: 2.88

sources: NVD: CVE-2022-35871 // JVNDB: JVNDB-2022-013799 // ZDI: ZDI-22-1018 // CNVD: CNVD-2024-48768 // VULMON: CVE-2022-35871

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2024-48768

AFFECTED PRODUCTS

vendor:	inductive automation	model:	ignition	scope:	-	version:	-	Trust: 1.5
vendor:	inductiveautomation	model:	ignition	scope:	eq	version:	8.1.15	Trust: 1.0
vendor:	inductive automation	model:	ignition	scope:	eq	version:	-	Trust: 0.8
vendor:	inductive automation	model:	ignition	scope:	eq	version:	8.1.15	Trust: 0.8
vendor:	inductive	model:	automation inductive automation ignition	scope:	gte	version:	7.9.0,<=8.1.16	Trust: 0.6

sources: ZDI: ZDI-22-1018 // CNVD: CNVD-2024-48768 // JVNDB: JVNDB-2022-013799 // NVD: CVE-2022-35871

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com:	CVE-2022-35871
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2022-35871
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-35871
value:	HIGH
Trust: 0.8
ZDI:	CVE-2022-35871
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2024-48768
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202207-1494
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2024-48768
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

zdi-disclosures@trendmicro.com:	CVE-2022-35871
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.0
Trust: 1.0
nvd@nist.gov:	CVE-2022-35871
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-35871
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2022-35871
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-22-1018 // CNVD: CNVD-2024-48768 // JVNDB: JVNDB-2022-013799 // CNNVD: CNNVD-202207-1494 // NVD: CVE-2022-35871 // NVD: CVE-2022-35871

PROBLEMTYPE DATA

problemtype:	CWE-306	Trust: 1.0
problemtype:	Lack of authentication for critical features (CWE-306) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-013799 // NVD: CVE-2022-35871

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-1494

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202207-1494

PATCH

title:	Inductive Automation has issued an update to correct this vulnerability.	url:	https://support.inductiveautomation.com/hc/en-us/articles/7625759776653-Regarding-Pwn2Own-2022-Vulnerabilities	Trust: 0.7
title:	Patch for Inductive Automation Ignition Access Control Error Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/644316	Trust: 0.6
title:	Inductive Automation Ignition Fixes for access control error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=201374	Trust: 0.6

sources: ZDI: ZDI-22-1018 // CNVD: CNVD-2024-48768 // CNNVD: CNNVD-202207-1494

EXTERNAL IDS

db:	NVD	id:	CVE-2022-35871	Trust: 4.6
db:	ZDI	id:	ZDI-22-1018	Trust: 3.2
db:	CS-HELP	id:	SB2022071816	Trust: 1.2
db:	JVNDB	id:	JVNDB-2022-013799	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-17206	Trust: 0.7
db:	CNVD	id:	CNVD-2024-48768	Trust: 0.6
db:	CNNVD	id:	CNNVD-202207-1494	Trust: 0.6
db:	VULMON	id:	CVE-2022-35871	Trust: 0.1

sources: ZDI: ZDI-22-1018 // CNVD: CNVD-2024-48768 // VULMON: CVE-2022-35871 // JVNDB: JVNDB-2022-013799 // CNNVD: CNNVD-202207-1494 // NVD: CVE-2022-35871

REFERENCES

url:	https://support.inductiveautomation.com/hc/en-us/articles/7625759776653-regarding-pwn2own-2022-vulnerabilities	Trust: 3.2
url:	https://www.zerodayinitiative.com/advisories/zdi-22-1018/	Trust: 2.5
url:	https://www.cybersecurity-help.cz/vdb/sb2022071816	Trust: 1.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-35871	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-35871/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/306.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: ZDI: ZDI-22-1018 // CNVD: CNVD-2024-48768 // VULMON: CVE-2022-35871 // JVNDB: JVNDB-2022-013799 // CNNVD: CNNVD-202207-1494 // NVD: CVE-2022-35871

CREDITS

Daan Keuper & Thijs Alkemade from Computest

Trust: 0.7

sources: ZDI: ZDI-22-1018

SOURCES

db:	ZDI	id:	ZDI-22-1018
db:	CNVD	id:	CNVD-2024-48768
db:	VULMON	id:	CVE-2022-35871
db:	JVNDB	id:	JVNDB-2022-013799
db:	CNNVD	id:	CNNVD-202207-1494
db:	NVD	id:	CVE-2022-35871

LAST UPDATE DATE

2024-12-21T22:55:55.458000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-22-1018	date:	2022-07-15T00:00:00
db:	CNVD	id:	CNVD-2024-48768	date:	2024-12-20T00:00:00
db:	VULMON	id:	CVE-2022-35871	date:	2022-07-26T00:00:00
db:	JVNDB	id:	JVNDB-2022-013799	date:	2023-09-12T08:18:00
db:	CNNVD	id:	CNNVD-202207-1494	date:	2022-08-04T00:00:00
db:	NVD	id:	CVE-2022-35871	date:	2022-08-03T16:51:44.627

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-22-1018	date:	2022-07-15T00:00:00
db:	CNVD	id:	CNVD-2024-48768	date:	2022-12-26T00:00:00
db:	VULMON	id:	CVE-2022-35871	date:	2022-07-25T00:00:00
db:	JVNDB	id:	JVNDB-2022-013799	date:	2023-09-12T00:00:00
db:	CNNVD	id:	CNNVD-202207-1494	date:	2022-07-18T00:00:00
db:	NVD	id:	CVE-2022-35871	date:	2022-07-25T19:15:45.637