SB2022081710 - Multiple vulnerabilities in Softing Secure Integration Server
Published: August 17, 2022 Updated: July 19, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 9 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2022-1069)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition. A remote attacker can use a specially crafted HTTP packet, trigger out-of-bounds read error and cause a denial of service condition on the system.
2) Path traversal (CVE-ID: CVE-2022-1373)
The vulnerability allows a remote user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the restore configuration feature. A remote administrator can send a specially crafted HTTP request and load arbitrary files on the system.
3) NULL pointer dereference (CVE-ID: CVE-2022-1748)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
4) NULL pointer dereference (CVE-ID: CVE-2022-2547)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
5) NULL pointer dereference (CVE-ID: CVE-2022-2337)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can send a specially crafted HTTP packet and perform a denial of service (DoS) attack.
6) Cleartext transmission of sensitive information (CVE-ID: CVE-2022-2338)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker with ability to intercept network traffic can gain access to sensitive data.
7) Insecure DLL loading (CVE-ID: CVE-2022-2334)
The vulnerability allows a remote user to compromise vulnerable system.
The vulnerability exists due to the application searches for a library dll that is not found. A remote administrator can place a specially crafted .dll file and execute arbitrary code on target system.
8) Improper Authentication (CVE-ID: CVE-2022-2336)
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the affected software ships with the default administrator credentials as "admin" and password as "admin" and does not ask the user to change the password. A remote attacker can bypass authentication process and gain unauthorized access to the application.
9) Integer underflow (CVE-ID: CVE-2022-2335)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer underflow. A remote attacker can send a specially crafted HTTP packet to the affected application, trigger integer underflow and cause a denial of service condition on the target system.
Remediation
Install update from vendor's website.
References
- https://ics-cert.us-cert.gov/advisories/icsa-22-228-04
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04
- https://www.zerodayinitiative.com/advisories/ZDI-22-1157/
- https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html
- https://www.zerodayinitiative.com/advisories/ZDI-22-1155/
- https://www.zerodayinitiative.com/advisories/ZDI-22-1154/
- https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html
- https://www.zerodayinitiative.com/advisories/ZDI-22-1161/
- https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html
- https://www.zerodayinitiative.com/advisories/ZDI-22-1160/