Details of VAR-202212-1382

ID

VAR-202212-1382

CVE

CVE-2022-40264

TITLE

Made by Mitsubishi Electric GENESIS64 Path Traversal Vulnerability in Project Management Function of

Trust: 0.8

sources: JVNDB: JVNDB-2022-002777

DESCRIPTION

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user import a project package file crafted by the attacker. Provided by Mitsubishi Electric Corporation GENESIS64 's project management function has a path traversal vulnerability ( CWE-22 , CVE-2022-40264 ) Exists. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. GENESIS64 may create, alter, or destroy arbitrary files. The vulnerablity allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of PKGX files. When parsing the Name element, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current process

Trust: 2.25

sources: NVD: CVE-2022-40264 // JVNDB: JVNDB-2022-002777 // ZDI: ZDI-23-342

AFFECTED PRODUCTS

vendor:	iconics	model:	genesis64	scope:	lte	version:	10.97.2	Trust: 1.0
vendor:	iconics	model:	genesis64	scope:	gte	version:	10.96	Trust: 1.0
vendor:	三菱電機	model:	genesis64	scope:	eq	version:	version 10.97 to version 10.97.2 to	Trust: 0.8
vendor:	三菱電機	model:	genesis64	scope:	eq	version:	-	Trust: 0.8
vendor:	三菱電機	model:	genesis64	scope:	-	version:	-	Trust: 0.8
vendor:	iconics	model:	genesis64	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-23-342 // JVNDB: JVNDB-2022-002777 // NVD: CVE-2022-40264

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2022-40264
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2022-002777
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2022-40264
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-202212-3229
value:	HIGH
Trust: 0.6

NVD:	CVE-2022-40264
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.2
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2022-002777
baseSeverity:	MEDIUM
baseScore:	6.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2022-40264
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-23-342 // JVNDB: JVNDB-2022-002777 // CNNVD: CNNVD-202212-3229 // NVD: CVE-2022-40264

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.0
problemtype:	Path traversal (CWE-22) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-002777 // NVD: CVE-2022-40264

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202212-3229

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202212-3229

CONFIGURATIONS

sources: NVD: CVE-2022-40264

PATCH

title:	GENESIS64(TM) Information Falsification Vulnerability in Project Management Function of	url:	https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2022-014.pdf	Trust: 0.8
title:	ICONICS has issued an update to correct this vulnerability.	url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-347-01	Trust: 0.7
title:	Mitsubishi Electric GENESIS64 Repair measures for path traversal vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqbyid.tag?id=218186	Trust: 0.6

sources: ZDI: ZDI-23-342 // JVNDB: JVNDB-2022-002777 // CNNVD: CNNVD-202212-3229

EXTERNAL IDS

db:	NVD	id:	CVE-2022-40264	Trust: 3.1
db:	ICS CERT	id:	ICSA-22-347-01	Trust: 2.4
db:	JVN	id:	JVNVU95858406	Trust: 2.4
db:	JVNDB	id:	JVNDB-2022-002777	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-17368	Trust: 0.7
db:	ZDI	id:	ZDI-23-342	Trust: 0.7
db:	CNNVD	id:	CNNVD-202212-3229	Trust: 0.6

sources: ZDI: ZDI-23-342 // JVNDB: JVNDB-2022-002777 // CNNVD: CNNVD-202212-3229 // NVD: CVE-2022-40264

REFERENCES

url:	https://jvn.jp/vu/jvnvu95858406/index.html	Trust: 2.4
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-347-01	Trust: 2.4
url:	https://iconics.com/about/security/cert	Trust: 1.6
url:	https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-014_en.pdf	Trust: 1.6
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-347-01	Trust: 0.7
url:	https://cxsecurity.com/cveshow/cve-2022-40264/	Trust: 0.6

sources: ZDI: ZDI-23-342 // JVNDB: JVNDB-2022-002777 // CNNVD: CNNVD-202212-3229 // NVD: CVE-2022-40264

CREDITS

Noam Moshe of Claroty Research

Trust: 0.7

sources: ZDI: ZDI-23-342

SOURCES

db:	ZDI	id:	ZDI-23-342
db:	JVNDB	id:	JVNDB-2022-002777
db:	CNNVD	id:	CNNVD-202212-3229
db:	NVD	id:	CVE-2022-40264

LAST UPDATE DATE

2023-04-02T22:57:48.889000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-23-342	date:	2023-03-31T00:00:00
db:	JVNDB	id:	JVNDB-2022-002777	date:	2022-12-15T01:13:00
db:	CNNVD	id:	CNNVD-202212-3229	date:	2022-12-19T00:00:00
db:	NVD	id:	CVE-2022-40264	date:	2022-12-16T17:09:00

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-23-342	date:	2023-03-31T00:00:00
db:	JVNDB	id:	JVNDB-2022-002777	date:	2022-12-15T00:00:00
db:	CNNVD	id:	CNNVD-202212-3229	date:	2022-12-14T00:00:00
db:	NVD	id:	CVE-2022-40264	date:	2022-12-14T00:15:00