Multiple vulnerabilities in Emerson Proficy Machine Edition
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2022-2793 CVE-2022-2792 CVE-2022-2791 CVE-2022-2790 CVE-2022-2789 CVE-2022-2788 |
| CWE-ID | CWE-353 CWE-284 CWE-434 CWE-347 CWE-345 CWE-22 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Proficy Machine Edition Server applications / Other server solutions |
| Vendor | Emerson |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Missing Support for Integrity Check
EUVDB-ID: #VU66573
Risk: Low
CVSSv4.0: 1.8 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-2793
CWE-ID:
CWE-353 - Missing Support for Integrity Check
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to improper authentication or authorization of data packets after establishing a connection for the SRTP protocol. An attacker with physical access can bypass authentication on the target system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsProficy Machine Edition: 9.00
CPE2.3- cpe:2.3:a:emerson:proficy_machine_edition:*:*:*:*:*:*:*:*
- cpe:2.3:a:emerson:proficy_machine_edition:9.00:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-22-228-06
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper access control
EUVDB-ID: #VU66574
Risk: Low
CVSSv4.0: 1.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-2792
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to the affected application stores project data in a directory with improper access control lists. A local user can bypass implemented security restrictions and gain unauthorized access to the application.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsProficy Machine Edition: 9.00
CPE2.3- cpe:2.3:a:emerson:proficy_machine_edition:*:*:*:*:*:*:*:*
- cpe:2.3:a:emerson:proficy_machine_edition:9.00:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-22-228-06
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Arbitrary file upload
EUVDB-ID: #VU66576
Risk: Low
CVSSv4.0: 5.6 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear]
CVE-ID: CVE-2022-2791
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to the affected application will upload any file written into the PLC logic folder to the connected PLC. A local user can upload a malicious file and execute it on the server.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsProficy Machine Edition: 9.00
CPE2.3- cpe:2.3:a:emerson:proficy_machine_edition:*:*:*:*:*:*:*:*
- cpe:2.3:a:emerson:proficy_machine_edition:9.00:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-22-228-06
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper Verification of Cryptographic Signature
EUVDB-ID: #VU66577
Risk: Low
CVSSv4.0: 3.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-2790
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to the affected application does not properly verify compiled logic (PDT files) and data blocks data (BLD/BLK files). A local user can bypass authentication on the target system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsProficy Machine Edition: 9.00
CPE2.3- cpe:2.3:a:emerson:proficy_machine_edition:*:*:*:*:*:*:*:*
- cpe:2.3:a:emerson:proficy_machine_edition:9.00:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-22-228-06
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Insufficient verification of data authenticity
EUVDB-ID: #VU66578
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-2789
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the affected product can display logic that is different than the compiled logic. A local attacker can bypass authentication on the target system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsProficy Machine Edition: 9.00
CPE2.3- cpe:2.3:a:emerson:proficy_machine_edition:*:*:*:*:*:*:*:*
- cpe:2.3:a:emerson:proficy_machine_edition:9.00:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-22-228-06
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Path traversal
EUVDB-ID: #VU66579
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-2788
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can perform a ZipSlip attack through an upload procedure and execute arbitrary code on the target system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsProficy Machine Edition: 9.80
CPE2.3- cpe:2.3:a:emerson:proficy_machine_edition:*:*:*:*:*:*:*:*
- cpe:2.3:a:emerson:proficy_machine_edition:9.80:*:*:*:*:*:*:*
https://ics-cert.us-cert.gov/advisories/icsa-22-228-06
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
