Details of VAR-202207-1552

ID

VAR-202207-1552

CVE

CVE-2022-2463

TITLE

Rockwell Automation of ISaGRAF Workbench Past traversal vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015411

DESCRIPTION

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-2463 // JVNDB: JVNDB-2022-015411 // VULHUB: VHN-427811 // VULMON: CVE-2022-2463

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	isagraf workbench	scope:	lte	version:	6.6.9	Trust: 1.0
vendor:	rockwellautomation	model:	isagraf workbench	scope:	gte	version:	6.0	Trust: 1.0
vendor:	rockwell automation	model:	isagraf workbench	scope:	eq	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	isagraf workbench	scope:	-	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	isagraf workbench	scope:	eq	version:	6.0 to 6.6.9	Trust: 0.8

sources: JVNDB: JVNDB-2022-015411 // NVD: CVE-2022-2463

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-2463
value:	HIGH
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2022-2463
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-2463
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202207-2125
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-2463
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2022-2463
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	3.7
version:	3.1
Trust: 1.0
NVD:	CVE-2022-2463
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-015411 // CNNVD: CNNVD-202207-2125 // NVD: CVE-2022-2463 // NVD: CVE-2022-2463

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.1
problemtype:	Path traversal (CWE-22) [ others ]	Trust: 0.8

sources: VULHUB: VHN-427811 // JVNDB: JVNDB-2022-015411 // NVD: CVE-2022-2463

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202207-2125

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202207-2125

PATCH

title:

Rockwell Automation ISaGRAF Workbench Repair measures for path traversal vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=201001

Trust: 0.6

sources: CNNVD: CNNVD-202207-2125

EXTERNAL IDS

db:	NVD	id:	CVE-2022-2463	Trust: 3.4
db:	ICS CERT	id:	ICSA-22-202-03	Trust: 2.6
db:	JVN	id:	JVNVU95712880	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-015411	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.3567	Trust: 0.6
db:	CS-HELP	id:	SB2022072218	Trust: 0.6
db:	CNNVD	id:	CNNVD-202207-2125	Trust: 0.6
db:	VULHUB	id:	VHN-427811	Trust: 0.1
db:	VULMON	id:	CVE-2022-2463	Trust: 0.1

sources: VULHUB: VHN-427811 // VULMON: CVE-2022-2463 // JVNDB: JVNDB-2022-015411 // CNNVD: CNNVD-202207-2125 // NVD: CVE-2022-2463

REFERENCES

url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-202-03	Trust: 2.6
url:	https://jvn.jp/vu/jvnvu95712880/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-2463	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-2463/	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-202-03	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3567	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022072218	Trust: 0.6

sources: VULHUB: VHN-427811 // VULMON: CVE-2022-2463 // JVNDB: JVNDB-2022-015411 // CNNVD: CNNVD-202207-2125 // NVD: CVE-2022-2463

CREDITS

Mashav Sapir of Claroty Research reported these vulnerabilities to Rockwell Automation and CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202207-2125

SOURCES

db:	VULHUB	id:	VHN-427811
db:	VULMON	id:	CVE-2022-2463
db:	JVNDB	id:	JVNDB-2022-015411
db:	CNNVD	id:	CNNVD-202207-2125
db:	NVD	id:	CVE-2022-2463

LAST UPDATE DATE

2024-08-14T13:53:10.503000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-427811	date:	2022-08-27T00:00:00
db:	JVNDB	id:	JVNDB-2022-015411	date:	2023-09-26T08:28:00
db:	CNNVD	id:	CNNVD-202207-2125	date:	2022-08-29T00:00:00
db:	NVD	id:	CVE-2022-2463	date:	2022-08-27T03:27:36.947

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-427811	date:	2022-08-25T00:00:00
db:	JVNDB	id:	JVNDB-2022-015411	date:	2023-09-26T00:00:00
db:	CNNVD	id:	CNNVD-202207-2125	date:	2022-07-21T00:00:00
db:	NVD	id:	CVE-2022-2463	date:	2022-08-25T18:15:10.067