Details of VAR-202212-2066

ID

VAR-202212-2066

CVE

CVE-2022-3156

TITLE

Rockwell Automation Studio 5000 Logix Designer Authorization problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202212-3803

DESCRIPTION

A remote code execution vulnerability exists in Rockwell Automation Studio 5000 Logix Emulate software. Users are granted elevated permissions on certain product services when the software is installed. Due to this misconfiguration, a malicious user could potentially achieve remote code execution on the targeted software

Trust: 0.99

sources: NVD: CVE-2022-3156 // VULHUB: VHN-430798

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	studio 5000 logix emulate	scope:	lt	version:	34.00	Trust: 1.0
vendor:	rockwellautomation	model:	studio 5000 logix emulate	scope:	gte	version:	20.011	Trust: 1.0

sources: NVD: CVE-2022-3156

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-3156
value:	HIGH
Trust: 1.0
PSIRT@rockwellautomation.com:	CVE-2022-3156
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202212-3803
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-3156
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0

sources: CNNVD: CNNVD-202212-3803 // NVD: CVE-2022-3156 // NVD: CVE-2022-3156

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.1

sources: VULHUB: VHN-430798 // NVD: CVE-2022-3156

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202212-3803

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202212-3803

PATCH

title:

Rockwell Automation Studio 5000 Logix Designer Remediation measures for authorization problem vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=220326

Trust: 0.6

sources: CNNVD: CNNVD-202212-3803

EXTERNAL IDS

db:	NVD	id:	CVE-2022-3156	Trust: 1.7
db:	AUSCERT	id:	ESB-2022.6662	Trust: 0.6
db:	ICS CERT	id:	ICSA-22-356-02	Trust: 0.6
db:	CNNVD	id:	CNNVD-202212-3803	Trust: 0.6
db:	VULHUB	id:	VHN-430798	Trust: 0.1

sources: VULHUB: VHN-430798 // CNNVD: CNNVD-202212-3803 // NVD: CVE-2022-3156

REFERENCES

url:	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1137846	Trust: 1.7
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-356-02	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.6662	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-3156/	Trust: 0.6

sources: VULHUB: VHN-430798 // CNNVD: CNNVD-202212-3803 // NVD: CVE-2022-3156

CREDITS

Rockwell Automation reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202212-3803

SOURCES

db:	VULHUB	id:	VHN-430798
db:	CNNVD	id:	CNNVD-202212-3803
db:	NVD	id:	CVE-2022-3156

LAST UPDATE DATE

2024-08-14T15:00:36.433000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-430798	date:	2023-01-06T00:00:00
db:	CNNVD	id:	CNNVD-202212-3803	date:	2023-01-09T00:00:00
db:	NVD	id:	CVE-2022-3156	date:	2023-11-07T03:50:51.807

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-430798	date:	2022-12-27T00:00:00
db:	CNNVD	id:	CNNVD-202212-3803	date:	2022-12-22T00:00:00
db:	NVD	id:	CVE-2022-3156	date:	2022-12-27T19:15:10.357