Details of VAR-202206-2050

ID

VAR-202206-2050

CVE

CVE-2022-2135

TITLE

Advantech iView setTaskEditorItem DESCRIPTION SQL Injection Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-22-919

DESCRIPTION

The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. This vulnerability allows remote attackers to bypass authentication on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability.The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the restore_filename element of the restoreDatabase action, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to bypass authentication on the system. Advantech iView

Trust: 11.79

sources: NVD: CVE-2022-2135 // ZDI: ZDI-22-905 // ZDI: ZDI-22-881 // ZDI: ZDI-22-885 // ZDI: ZDI-22-890 // ZDI: ZDI-22-891 // ZDI: ZDI-22-895 // ZDI: ZDI-22-900 // ZDI: ZDI-22-918 // ZDI: ZDI-22-919 // ZDI: ZDI-22-910 // ZDI: ZDI-22-911 // ZDI: ZDI-22-913 // ZDI: ZDI-22-914 // ZDI: ZDI-22-915 // ZDI: ZDI-22-916 // ZDI: ZDI-22-917 // ZDI: ZDI-22-901 // VULHUB: VHN-426269 // VULMON: CVE-2022-2135

AFFECTED PRODUCTS

vendor:	advantech	model:	iview	scope:	-	version:	-	Trust: 11.9
vendor:	advantech	model:	iview	scope:	lt	version:	5.7.04.6469	Trust: 1.0

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-918 // ZDI: ZDI-22-917 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-911 // ZDI: ZDI-22-910 // ZDI: ZDI-22-905 // ZDI: ZDI-22-901 // ZDI: ZDI-22-900 // ZDI: ZDI-22-895 // ZDI: ZDI-22-891 // ZDI: ZDI-22-890 // ZDI: ZDI-22-885 // ZDI: ZDI-22-881 // NVD: CVE-2022-2135

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2022-2135
value:	HIGH
Trust: 9.1
ZDI:	CVE-2022-2135
value:	CRITICAL
Trust: 2.8
nvd@nist.gov:	CVE-2022-2135
value:	HIGH
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2022-2135
value:	HIGH
Trust: 1.0

ZDI:	CVE-2022-2135
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 9.1
ZDI:	CVE-2022-2135
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 2.8
nvd@nist.gov:	CVE-2022-2135
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0

PROBLEMTYPE DATA

problemtype:

CWE-89

Trust: 1.1

sources: VULHUB: VHN-426269 // NVD: CVE-2022-2135

PATCH

title:

Advantech has issued an update to correct this vulnerability.

url:

https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03

Trust: 11.9

EXTERNAL IDS

db:	NVD	id:	CVE-2022-2135	Trust: 13.1
db:	ICS CERT	id:	ICSA-22-179-03	Trust: 1.2
db:	ZDI_CAN	id:	ZDI-CAN-16750	Trust: 0.7
db:	ZDI	id:	ZDI-22-919	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16529	Trust: 0.7
db:	ZDI	id:	ZDI-22-918	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16535	Trust: 0.7
db:	ZDI	id:	ZDI-22-917	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16561	Trust: 0.7
db:	ZDI	id:	ZDI-22-916	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16585	Trust: 0.7
db:	ZDI	id:	ZDI-22-915	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16562	Trust: 0.7
db:	ZDI	id:	ZDI-22-914	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16591	Trust: 0.7
db:	ZDI	id:	ZDI-22-913	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16531	Trust: 0.7
db:	ZDI	id:	ZDI-22-911	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16659	Trust: 0.7
db:	ZDI	id:	ZDI-22-910	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16583	Trust: 0.7
db:	ZDI	id:	ZDI-22-905	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16530	Trust: 0.7
db:	ZDI	id:	ZDI-22-901	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16548	Trust: 0.7
db:	ZDI	id:	ZDI-22-900	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16544	Trust: 0.7
db:	ZDI	id:	ZDI-22-895	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16564	Trust: 0.7
db:	ZDI	id:	ZDI-22-891	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16656	Trust: 0.7
db:	ZDI	id:	ZDI-22-890	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16584	Trust: 0.7
db:	ZDI	id:	ZDI-22-885	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16552	Trust: 0.7
db:	ZDI	id:	ZDI-22-881	Trust: 0.7
db:	VULHUB	id:	VHN-426269	Trust: 0.1
db:	VULMON	id:	CVE-2022-2135	Trust: 0.1

REFERENCES

url:

https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03

Trust: 13.1

CREDITS

@rgod777

Trust: 7.0

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-910 // ZDI: ZDI-22-905 // ZDI: ZDI-22-891 // ZDI: ZDI-22-890 // ZDI: ZDI-22-885

SOURCES

db:	ZDI	id:	ZDI-22-919
db:	ZDI	id:	ZDI-22-918
db:	ZDI	id:	ZDI-22-917
db:	ZDI	id:	ZDI-22-916
db:	ZDI	id:	ZDI-22-915
db:	ZDI	id:	ZDI-22-914
db:	ZDI	id:	ZDI-22-913
db:	ZDI	id:	ZDI-22-911
db:	ZDI	id:	ZDI-22-910
db:	ZDI	id:	ZDI-22-905
db:	ZDI	id:	ZDI-22-901
db:	ZDI	id:	ZDI-22-900
db:	ZDI	id:	ZDI-22-895
db:	ZDI	id:	ZDI-22-891
db:	ZDI	id:	ZDI-22-890
db:	ZDI	id:	ZDI-22-885
db:	ZDI	id:	ZDI-22-881
db:	VULHUB	id:	VHN-426269
db:	VULMON	id:	CVE-2022-2135
db:	NVD	id:	CVE-2022-2135

LAST UPDATE DATE

2024-11-14T22:49:01.030000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-22-919	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-918	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-917	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-916	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-915	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-914	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-913	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-911	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-910	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-905	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-901	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-900	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-895	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-891	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-890	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-885	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-881	date:	2022-06-30T00:00:00
db:	VULHUB	id:	VHN-426269	date:	2022-07-28T00:00:00
db:	NVD	id:	CVE-2022-2135	date:	2022-07-28T20:10:10.260

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-22-919	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-918	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-917	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-916	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-915	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-914	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-913	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-911	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-910	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-905	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-901	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-900	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-895	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-891	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-890	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-885	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-881	date:	2022-06-30T00:00:00
db:	VULHUB	id:	VHN-426269	date:	2022-07-22T00:00:00
db:	NVD	id:	CVE-2022-2135	date:	2022-07-22T15:15:08.117