Details of VAR-202208-2200

ID

VAR-202208-2200

CVE

CVE-2022-30318

TITLE

Honeywell International Inc. of ControlEdge PLC firmware and ControlEdge RTU Vulnerability related to use of hardcoded credentials in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2022-016153

DESCRIPTION

Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of service. The Honeywell ControlEdge PLC and RTU product line exposes an SSH service on port 22/TCP. Login as root to this service is permitted and credentials for the root user are hardcoded without automatically changing them upon first commissioning. The credentials for the SSH service are hardcoded in the firmware. The credentials grant an attacker access to a root shell on the PLC/RTU, allowing for remote code execution, configuration manipulation and denial of service. Honeywell International Inc. of ControlEdge PLC firmware and ControlEdge RTU A vulnerability exists in the firmware regarding the use of hardcoded credentials.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-30318 // JVNDB: JVNDB-2022-016153 // VULMON: CVE-2022-30318

AFFECTED PRODUCTS

vendor:	honeywell	model:	controledge plc	scope:	lt	version:	r151.2	Trust: 1.0
vendor:	honeywell	model:	controledge rtu	scope:	lt	version:	r151.2	Trust: 1.0
vendor:	honeywell	model:	controledge plc	scope:	-	version:	-	Trust: 0.8
vendor:	honeywell	model:	controledge rtu	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-016153 // NVD: CVE-2022-30318

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-30318
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2022-30318
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202208-4461
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2022-30318
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-30318
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-016153 // CNNVD: CNNVD-202208-4461 // NVD: CVE-2022-30318

PROBLEMTYPE DATA

problemtype:	CWE-798	Trust: 1.0
problemtype:	Use hard-coded credentials (CWE-798) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-016153 // NVD: CVE-2022-30318

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202208-4461

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-202208-4461

PATCH

title:

Honeywell ControlEdge PLC Repair measures for trust management problem vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=206151

Trust: 0.6

sources: CNNVD: CNNVD-202208-4461

EXTERNAL IDS

db:	NVD	id:	CVE-2022-30318	Trust: 3.3
db:	ICS CERT	id:	ICSA-22-242-06	Trust: 2.5
db:	JVN	id:	JVNVU91110993	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-016153	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.4291	Trust: 0.6
db:	CNNVD	id:	CNNVD-202208-4461	Trust: 0.6
db:	VULMON	id:	CVE-2022-30318	Trust: 0.1

sources: VULMON: CVE-2022-30318 // JVNDB: JVNDB-2022-016153 // CNNVD: CNNVD-202208-4461 // NVD: CVE-2022-30318

REFERENCES

url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-242-06	Trust: 2.6
url:	https://www.forescout.com/blog/	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu91110993/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-30318	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2022.4291	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-30318/	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-242-06	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2022-30318 // JVNDB: JVNDB-2022-016153 // CNNVD: CNNVD-202208-4461 // NVD: CVE-2022-30318

CREDITS

Daniel dos Santos and Jos Wetzels from Forescout Technologies reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202208-4461

SOURCES

db:	VULMON	id:	CVE-2022-30318
db:	JVNDB	id:	JVNDB-2022-016153
db:	CNNVD	id:	CNNVD-202208-4461
db:	NVD	id:	CVE-2022-30318

LAST UPDATE DATE

2024-08-14T14:02:23.857000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2022-30318	date:	2022-08-31T00:00:00
db:	JVNDB	id:	JVNDB-2022-016153	date:	2023-10-02T08:11:00
db:	CNNVD	id:	CNNVD-202208-4461	date:	2022-09-08T00:00:00
db:	NVD	id:	CVE-2022-30318	date:	2022-09-07T14:46:57.153

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2022-30318	date:	2022-08-31T00:00:00
db:	JVNDB	id:	JVNDB-2022-016153	date:	2023-10-02T00:00:00
db:	CNNVD	id:	CNNVD-202208-4461	date:	2022-08-30T00:00:00
db:	NVD	id:	CVE-2022-30318	date:	2022-08-31T16:15:11.627