Published:2022/12/14 Last Updated:2023/01/10
JVNVU#96873821
Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)
Overview
CONPROSYS HMI System (CHS) provided by Contec Co., Ltd. contains multiple vulnerabilities.
Products Affected
CVE-2022-44456
- CONPROSYS HMI System (CHS) Ver.3.4.4 and earlier
- CONPROSYS HMI System (CHS) Ver.3.4.5 and earlier
Description
CONPROSYS HMI System (CHS) provided by Contec Co., Ltd. contains multiple vulnerabilities listed below.
- OS Command Injection (CWE-78) - CVE-2022-44456
CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Base Score: 10.0 - Use of Default Credentials (CWE-1392) - CVE-2023-22331
CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Base Score: 7.5 - Use of Password Hash Instead of Password for Authentication (CWE-836) - CVE-2023-22334
CVSS v3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Base Score: 5.3 - Cross-site Scripting (CWE-79) - CVE-2023-22373
CVSS v3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Base Score: 5.7 - Improper Access Control (CWE-284) - CVE-2023-22339
CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score: 7.5
Impact
CVE-2022-44456
An arbitrary OS command may be executed on the server where the product is running, when an unauthenticated remote attacker sends a specially crafted request.
CVE-2023-22331
User credentials information may be altered by a remote unauthenticated attacker.
CVE-2023-22334
User credentials information may be obtained via a man-in-the-middle attack.
CVE-2023-22373
An arbitrary script may be executed on the web browser of the administrative user who is logging into the product, and sensitive information may be obtained.
CVE-2023-22339
A remote unauthenticated attacker may obtain the server certificate including the private key of the product.
Solution
Update the software
Update the software to the latest version according to the information provided by the developer.
Vendor Status
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Floris Hendriks and Jeroen Wijenbergh of Radboud University reported these vulnerabilities to Contec Co., Ltd. and coordinated. Contec Co., Ltd. and JPCERT/CC published respective advisories in order to notify users of its solution.
Other Information
JPCERT Alert |
|
JPCERT Reports |
|
CERT Advisory |
|
CPNI Advisory |
|
TRnotes |
|
CVE |
CVE-2022-44456 |
CVE-2023-22331 |
|
CVE-2023-22334 |
|
CVE-2023-22373 |
|
CVE-2023-22339 |
|
JVN iPedia |
|
Update History
- 2023/01/10
- Information under the section [Title], [Overview], [Products Affected], [Description], [Impact], [Vendor Status], [References], and [Credit] was updated.