Details of VAR-202206-2050

ID

VAR-202206-2050

CVE

CVE-2022-2135

TITLE

Advantech iView setTaskEditorItem DESCRIPTION SQL Injection Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-22-919

DESCRIPTION

The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information. Authentication is not required to exploit this vulnerability.The specific flaw exists within the NetworkServlet endpoint, which listens on TCP port 8080 by default. When parsing the CREATE_DATE element of the saveSearchDevicesToTask action, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise

Trust: 11.7

sources: NVD: CVE-2022-2135 // ZDI: ZDI-22-918 // ZDI: ZDI-22-882 // ZDI: ZDI-22-885 // ZDI: ZDI-22-886 // ZDI: ZDI-22-896 // ZDI: ZDI-22-898 // ZDI: ZDI-22-899 // ZDI: ZDI-22-907 // ZDI: ZDI-22-919 // ZDI: ZDI-22-911 // ZDI: ZDI-22-912 // ZDI: ZDI-22-913 // ZDI: ZDI-22-914 // ZDI: ZDI-22-915 // ZDI: ZDI-22-916 // ZDI: ZDI-22-917 // ZDI: ZDI-22-910 // VULHUB: VHN-426269

AFFECTED PRODUCTS

vendor:	advantech	model:	iview	scope:	-	version:	-	Trust: 11.9
vendor:	advantech	model:	iview	scope:	lt	version:	5.7.04.6469	Trust: 1.0

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-918 // ZDI: ZDI-22-917 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-912 // ZDI: ZDI-22-911 // ZDI: ZDI-22-910 // ZDI: ZDI-22-907 // ZDI: ZDI-22-899 // ZDI: ZDI-22-898 // ZDI: ZDI-22-896 // ZDI: ZDI-22-886 // ZDI: ZDI-22-885 // ZDI: ZDI-22-882 // NVD: CVE-2022-2135

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2022-2135
value:	HIGH
Trust: 9.1
ZDI:	CVE-2022-2135
value:	CRITICAL
Trust: 2.8
nvd@nist.gov:	CVE-2022-2135
value:	HIGH
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2022-2135
value:	HIGH
Trust: 1.0

ZDI:	CVE-2022-2135
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 9.1
ZDI:	CVE-2022-2135
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 2.8
nvd@nist.gov:	CVE-2022-2135
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0

PROBLEMTYPE DATA

problemtype:

CWE-89

Trust: 1.1

sources: VULHUB: VHN-426269 // NVD: CVE-2022-2135

PATCH

title:

Advantech has issued an update to correct this vulnerability.

url:

https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03

Trust: 11.9

EXTERNAL IDS

db:	NVD	id:	CVE-2022-2135	Trust: 13.0
db:	ICS CERT	id:	ICSA-22-179-03	Trust: 1.1
db:	ZDI_CAN	id:	ZDI-CAN-16750	Trust: 0.7
db:	ZDI	id:	ZDI-22-919	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16529	Trust: 0.7
db:	ZDI	id:	ZDI-22-918	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16535	Trust: 0.7
db:	ZDI	id:	ZDI-22-917	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16561	Trust: 0.7
db:	ZDI	id:	ZDI-22-916	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16585	Trust: 0.7
db:	ZDI	id:	ZDI-22-915	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16562	Trust: 0.7
db:	ZDI	id:	ZDI-22-914	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16591	Trust: 0.7
db:	ZDI	id:	ZDI-22-913	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16751	Trust: 0.7
db:	ZDI	id:	ZDI-22-912	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16531	Trust: 0.7
db:	ZDI	id:	ZDI-22-911	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16659	Trust: 0.7
db:	ZDI	id:	ZDI-22-910	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16549	Trust: 0.7
db:	ZDI	id:	ZDI-22-907	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16545	Trust: 0.7
db:	ZDI	id:	ZDI-22-899	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16693	Trust: 0.7
db:	ZDI	id:	ZDI-22-898	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16694	Trust: 0.7
db:	ZDI	id:	ZDI-22-896	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16560	Trust: 0.7
db:	ZDI	id:	ZDI-22-886	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16584	Trust: 0.7
db:	ZDI	id:	ZDI-22-885	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-16647	Trust: 0.7
db:	ZDI	id:	ZDI-22-882	Trust: 0.7
db:	VULHUB	id:	VHN-426269	Trust: 0.1

REFERENCES

url:

https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-03

Trust: 13.0

CREDITS

@rgod777

Trust: 8.4

sources: ZDI: ZDI-22-919 // ZDI: ZDI-22-916 // ZDI: ZDI-22-915 // ZDI: ZDI-22-914 // ZDI: ZDI-22-913 // ZDI: ZDI-22-912 // ZDI: ZDI-22-910 // ZDI: ZDI-22-898 // ZDI: ZDI-22-896 // ZDI: ZDI-22-886 // ZDI: ZDI-22-885 // ZDI: ZDI-22-882

SOURCES

db:	ZDI	id:	ZDI-22-919
db:	ZDI	id:	ZDI-22-918
db:	ZDI	id:	ZDI-22-917
db:	ZDI	id:	ZDI-22-916
db:	ZDI	id:	ZDI-22-915
db:	ZDI	id:	ZDI-22-914
db:	ZDI	id:	ZDI-22-913
db:	ZDI	id:	ZDI-22-912
db:	ZDI	id:	ZDI-22-911
db:	ZDI	id:	ZDI-22-910
db:	ZDI	id:	ZDI-22-907
db:	ZDI	id:	ZDI-22-899
db:	ZDI	id:	ZDI-22-898
db:	ZDI	id:	ZDI-22-896
db:	ZDI	id:	ZDI-22-886
db:	ZDI	id:	ZDI-22-885
db:	ZDI	id:	ZDI-22-882
db:	VULHUB	id:	VHN-426269
db:	NVD	id:	CVE-2022-2135

LAST UPDATE DATE

2024-11-06T23:11:51.222000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-22-919	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-918	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-917	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-916	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-915	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-914	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-913	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-912	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-911	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-910	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-907	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-899	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-898	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-896	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-886	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-885	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-882	date:	2022-06-30T00:00:00
db:	VULHUB	id:	VHN-426269	date:	2022-07-28T00:00:00
db:	NVD	id:	CVE-2022-2135	date:	2022-07-28T20:10:10.260

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-22-919	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-918	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-917	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-916	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-915	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-914	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-913	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-912	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-911	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-910	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-907	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-899	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-898	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-896	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-886	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-885	date:	2022-06-30T00:00:00
db:	ZDI	id:	ZDI-22-882	date:	2022-06-30T00:00:00
db:	VULHUB	id:	VHN-426269	date:	2022-07-22T00:00:00
db:	NVD	id:	CVE-2022-2135	date:	2022-07-22T15:15:08.117