{ "document": { "acknowledgments": [ { "organization": "E.ON Pentesting", "summary": "discovering and reporting this vulnerability and providing a proof of concept." } ], "aggregate_severity": { "text": "High" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en-US", "notes": [ { "category": "summary", "text": "An attacker can exploit multiple vulnerabilities in VibroLine devices to gain unauthorized access or execute a denial of service attack.", "title": "Summary" }, { "category": "description", "text": "The VibroLine devices are a condition monitoring solution for industrial applications", "title": "Product description" }, { "category": "legal_disclaimer", "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. IDS INNOMIC SCHWINGUNGSMESSTECHNIK GMBH RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.", "title": "Legal Disclaimer" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to IDS Innomic Schwingungsmesstechnik GmbH and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "IDS Innomic Schwingungsmesstechnik GmbH\n\nAddress:\nZum Buchhorst 35\n29410 Salzwedel\nGermany\n\nE-mail: info(at)innomic.de", "issuing_authority": "IDS Innomic Schwingungsmesstechnik GmbH PSIRT is responsible for vulnerability handling across all IDS Innomic Schwingungsmesstechnik GmbH products and services.", "name": "IDS Innomic Schwingungsmesstechnik GmbH", "namespace": "https://www.innomic.com" }, "references": [ { "category": "self", "summary": "IDS-2026-0001 - CSAF version", "url": "https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.json" }, { "category": "self", "summary": "IDS-2026-0001 - HTML version", "url": "https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html" }, { "category": "external", "summary": "BSI-2026-0001 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/bsi-2026-0001.json" } ], "title": "Unauthorized access affects VibroLine devices", "tracking": { "aliases": [ "BSI-2026-0001" ], "current_release_date": "2026-02-02T13:00:00.000Z", "generator": { "date": "2026-02-02T10:27:18.279Z", "engine": { "name": "Secvisogram", "version": "2.5.42" } }, "id": "IDS-2026-0001", "initial_release_date": "2026-02-02T13:00:00.000Z", "revision_history": [ { "date": "2026-02-02T13:00:00.000Z", "number": "1", "summary": "Initial publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "VLE1 HD 4.0", "product": { "name": "VibroLine VLE1 HD 4.0", "product_id": "CSAFPID-0101", "product_identification_helper": { "skus": [ "i8005" ] } } }, { "category": "product_name", "name": "VLE2 HD 4.0", "product": { "name": "VibroLine VLE2 HD 4.0", "product_id": "CSAFPID-0102", "product_identification_helper": { "skus": [ "i8006" ] } } }, { "category": "product_name", "name": "VLE4 HD 4.0", "product": { "name": "VibroLine VLE4 HD 4.0", "product_id": "CSAFPID-0103", "product_identification_helper": { "skus": [ "i8007" ] } } }, { "category": "product_name", "name": "VLE6 HD 4.0", "product": { "name": "VibroLine VLE6 HD 4.0", "product_id": "CSAFPID-0104", "product_identification_helper": { "skus": [ "i8008" ] } } }, { "category": "product_name", "name": "VLE8 HD 4.0", "product": { "name": "VibroLine VLE8 HD 4.0", "product_id": "CSAFPID-0105", "product_identification_helper": { "skus": [ "i8009" ] } } } ], "category": "product_family", "name": "VLE" }, { "branches": [ { "category": "product_name", "name": "VLX1 HD 4.0", "product": { "name": "VibroLine VLX1 HD 4.0", "product_id": "CSAFPID-0106", "product_identification_helper": { "skus": [ "i80015" ] } } }, { "category": "product_name", "name": "VLX2 HD 4.0", "product": { "name": "VibroLine VLX2 HD 4.0", "product_id": "CSAFPID-0107", "product_identification_helper": { "skus": [ "i80016" ] } } }, { "category": "product_name", "name": "VLX4 HD 4.0", "product": { "name": "VibroLine VLX4 HD 4.0", "product_id": "CSAFPID-0108", "product_identification_helper": { "skus": [ "i80017" ] } } }, { "category": "product_name", "name": "VLX6 HD 4.0", "product": { "name": "VibroLine VLX6 HD 4.0", "product_id": "CSAFPID-0109", "product_identification_helper": { "skus": [ "i80018" ] } } }, { "category": "product_name", "name": "VLX8 HD 4.0", "product": { "name": "VibroLine VLX8 HD 4.0", "product_id": "CSAFPID-0110", "product_identification_helper": { "skus": [ "i80019" ] } } } ], "category": "product_family", "name": "VLX" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:intdot/>=1.4.1074|<=1.4.1116", "product": { "name": "VibroLine 4.0 VLE Firmware 1.4.1074 - 1.4.1116", "product_id": "CSAFPID-0111" } } ], "category": "product_name", "name": "VibroLine 4.0 VLE Firmware" }, { "branches": [ { "category": "product_version_range", "name": "vers:intdot/>=1.5.1074|<=1.5.1116", "product": { "name": "VibroLine 4.0 VLX Firmware 1.5.1074 - 1.5.1116", "product_id": "CSAFPID-0099" } } ], "category": "product_name", "name": "VibroLine 4.0 VLX Firmware" } ], "category": "product_family", "name": "VibroLine 4.0 Firmware" }, { "branches": [ { "category": "product_version_range", "name": "vers:intdot/>=4.0.1931|<=4.0.2406", "product": { "name": "VibroLine Configurator 4.0.1931 - 4.0.2406", "product_id": "CSAFPID-0114" } } ], "category": "product_name", "name": "VibroLine 4.0 Configurator" } ], "category": "product_family", "name": "VibroLine 4.0" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "VLE1 HD 5.0", "product": { "name": "VibroLine VLE1 HD 5.0", "product_id": "CSAFPID-0001", "product_identification_helper": { "skus": [ "i8005-5.0" ] } } }, { "category": "product_name", "name": "VLE2 HD 5.0", "product": { "name": "VibroLine VLE2 HD 5.0", "product_id": "CSAFPID-0002", "product_identification_helper": { "skus": [ "i8006-5.0" ] } } }, { "category": "product_name", "name": "VLE4 HD 5.0", "product": { "name": "VibroLine VLE4 HD 5.0", "product_id": "CSAFPID-0003", "product_identification_helper": { "skus": [ "i8007-5.0" ] } } }, { "category": "product_name", "name": "VLE6 HD 5.0", "product": { "name": "VibroLine VLE6 HD 5.0", "product_id": "CSAFPID-0004", "product_identification_helper": { "skus": [ "i8008-5.0" ] } } }, { "category": "product_name", "name": "VLE8 HD 5.0", "product": { "name": "VibroLine VLE8 HD 5.0", "product_id": "CSAFPID-0005", "product_identification_helper": { "skus": [ "i8009-5.0" ] } } } ], "category": "product_family", "name": "VLE" }, { "branches": [ { "category": "product_name", "name": "VLX1 HD 5.0", "product": { "name": "VibroLine VLX1 HD 5.0", "product_id": "CSAFPID-0006", "product_identification_helper": { "skus": [ "i80015-5.0" ] } } }, { "category": "product_name", "name": "VLX2 HD 5.0", "product": { "name": "VibroLine VLX2 HD 5.0", "product_id": "CSAFPID-0007", "product_identification_helper": { "skus": [ "i80016-5.0" ] } } }, { "category": "product_name", "name": "VLX4 HD 5.0", "product": { "name": "VibroLine VLX4 HD 5.0", "product_id": "CSAFPID-0008", "product_identification_helper": { "skus": [ "i80017-5.0" ] } } }, { "category": "product_name", "name": "VLX6 HD 5.0", "product": { "name": "VibroLine VLX6 HD 5.0", "product_id": "CSAFPID-0009", "product_identification_helper": { "skus": [ "i80018-5.0" ] } } }, { "category": "product_name", "name": "VLX8 HD 5.0", "product": { "name": "VibroLine VLX8 HD 5.0", "product_id": "CSAFPID-0010", "product_identification_helper": { "skus": [ "i80019-5.0" ] } } } ], "category": "product_family", "name": "VLX" }, { "branches": [ { "category": "product_version_range", "name": "vers:intdot/>=2.1.1340|<=2.1.1387", "product": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387", "product_id": "CSAFPID-0011" } }, { "category": "product_version", "name": "2.1.1866", "product": { "name": "VibroLine 5.0 Firmware 2.1.1866", "product_id": "CSAFPID-0012", "product_identification_helper": { "hashes": [ { "file_hashes": [ { "algorithm": "sha256", "value": "67DE7F19D9CC41030C82D30817FD4B95EA9C183F8482A7F325571AC709DD715F" } ], "filename": "VLX_HD_20260202.vlfw" } ] } } } ], "category": "product_name", "name": "VibroLine 5.0 Firmware" }, { "branches": [ { "category": "product_version_range", "name": "vers:intdot/>=5.0.2416|<=5.1.2547", "product": { "name": "VibroLine Configurator 5.0.2416 - 5.0.2486", "product_id": "CSAFPID-0014" } }, { "category": "product_version", "name": "5.1.2732", "product": { "name": "VibroLine Configurator 5.1.2730", "product_id": "CSAFPID-0016", "product_identification_helper": { "hashes": [ { "file_hashes": [ { "algorithm": "sha256", "value": "86D5007A3606ABF5385AFBD0BF3483728B78A978C641F09A5DEB49B5862D1F84" } ], "filename": "VibroLine_Setup_5.1.2732.exe" } ] } } } ], "category": "product_name", "name": "VibroLine 5.0 Configurator" } ], "category": "product_family", "name": "VibroLine 5.0" } ], "category": "vendor", "name": "IDS Innomic Schwingungsmesstechnik GmbH" } ], "relationships": [ { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLE1 HD 5.0", "product_id": "CSAFPID-0032" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0001" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLE2 HD 5.0", "product_id": "CSAFPID-0033" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0002" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLE4 HD 5.0", "product_id": "CSAFPID-0034" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0003" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLE6 HD 5.0", "product_id": "CSAFPID-0035" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0004" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLE8 HD 5.0", "product_id": "CSAFPID-0036" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0005" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLX1 HD 5.0", "product_id": "CSAFPID-0037" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0006" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLX2 HD 5.0", "product_id": "CSAFPID-0038" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0007" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLX4 HD 5.0", "product_id": "CSAFPID-0039" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0008" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLX6 HD 5.0", "product_id": "CSAFPID-0040" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0009" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1340 - 2.1.1387 installed on VibroLine VLX8 HD 5.0", "product_id": "CSAFPID-0041" }, "product_reference": "CSAFPID-0011", "relates_to_product_reference": "CSAFPID-0010" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLE1 HD 5.0", "product_id": "CSAFPID-0052" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0001" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLE2 HD 5.0", "product_id": "CSAFPID-0053" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0002" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLE4 HD 5.0", "product_id": "CSAFPID-0054" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0003" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLE6 HD 5.0", "product_id": "CSAFPID-0055" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0004" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLE8 HD 5.0", "product_id": "CSAFPID-0056" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0005" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLX1 HD 5.0", "product_id": "CSAFPID-0057" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0006" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLX2 HD 5.0", "product_id": "CSAFPID-0058" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0007" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLX4 HD 5.0", "product_id": "CSAFPID-0059" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0008" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLX6 HD 5.0", "product_id": "CSAFPID-0060" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0009" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 5.0 Firmware 2.1.1866 installed on VibroLine VLX8 HD 5.0", "product_id": "CSAFPID-0061" }, "product_reference": "CSAFPID-0012", "relates_to_product_reference": "CSAFPID-0010" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.4.1074 - 1.4.1116 installed on VibroLine VLE1 HD 4.0", "product_id": "CSAFPID-0132" }, "product_reference": "CSAFPID-0111", "relates_to_product_reference": "CSAFPID-0101" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.4.1074 - 1.4.1116 installed on VibroLine VLE2 HD 4.0", "product_id": "CSAFPID-0133" }, "product_reference": "CSAFPID-0111", "relates_to_product_reference": "CSAFPID-0102" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.4.1074 - 1.4.1116 installed on VibroLine VLE4 HD 4.0", "product_id": "CSAFPID-0134" }, "product_reference": "CSAFPID-0111", "relates_to_product_reference": "CSAFPID-0103" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.4.1074 - 1.4.1116 installed on VibroLine VLE6 HD 4.0", "product_id": "CSAFPID-0135" }, "product_reference": "CSAFPID-0111", "relates_to_product_reference": "CSAFPID-0104" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.4.1074 - 1.4.1116 installed on VibroLine VLE8 HD 4.0", "product_id": "CSAFPID-0136" }, "product_reference": "CSAFPID-0111", "relates_to_product_reference": "CSAFPID-0105" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.5.1074 - 1.5.1116 installed on VibroLine VLX1 HD 4.0", "product_id": "CSAFPID-0137" }, "product_reference": "CSAFPID-0099", "relates_to_product_reference": "CSAFPID-0106" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.5.1074 - 1.5.1116 installed on VibroLine VLX2 HD 4.0", "product_id": "CSAFPID-0138" }, "product_reference": "CSAFPID-0099", "relates_to_product_reference": "CSAFPID-0107" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.5.1074 - 1.5.1116 installed on VibroLine VLX4 HD 4.0", "product_id": "CSAFPID-0139" }, "product_reference": "CSAFPID-0099", "relates_to_product_reference": "CSAFPID-0108" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.5.1074 - 1.5.1116 installed on VibroLine VLX6 HD 4.0", "product_id": "CSAFPID-0140" }, "product_reference": "CSAFPID-0099", "relates_to_product_reference": "CSAFPID-0109" }, { "category": "installed_on", "full_product_name": { "name": "VibroLine 4.0 Firmware 1.5.1074 - 1.5.1116 installed on VibroLine VLX8 HD 4.0", "product_id": "CSAFPID-0141" }, "product_reference": "CSAFPID-0099", "relates_to_product_reference": "CSAFPID-0110" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-50975", "cwe": { "id": "CWE-346", "name": "Origin Validation Error" }, "notes": [ { "category": "summary", "text": "The ethernet and USB connections are not properly isolated allowing an attacker to configure and reset the device if configuration via ethernet is enabled and there is at least one legitimately authenticated connection active at the time of the attack.", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ], "known_affected": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041" ], "known_not_affected": [ "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0132", "CSAFPID-0133", "CSAFPID-0134", "CSAFPID-0135", "CSAFPID-0136", "CSAFPID-0137", "CSAFPID-0138", "CSAFPID-0139", "CSAFPID-0140", "CSAFPID-0141" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update VibroLine VLX HD 5.0 devices to firmware version 2.1.1866 or later which includes a fix for this vulnerability.", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041" ], "restart_required": { "category": "machine", "details": "VibroLine VLX HD 5.0 devices will be restarted during firmware update." }, "url": "https://www.innomic.com/downloads/" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 8.2, "environmentalSeverity": "HIGH", "exploitCodeMaturity": "FUNCTIONAL", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 8.2, "temporalSeverity": "HIGH", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041" ] } ], "title": "Unauthenticated Access To Device Configuration" }, { "cve": "CVE-2022-50976", "cwe": { "id": "CWE-1288", "name": "Improper Validation of Consistency within Input" }, "notes": [ { "category": "summary", "text": "Resetting the device passwords using an invalid reset file causes a full device reset if the device is connected via USB.", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "CSAFPID-0016" ], "known_affected": [ "CSAFPID-0014" ], "known_not_affected": [ "CSAFPID-0114" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update VibroLine Configurator to version 5.1.2730 or later which includes a fix for this vulnerability.", "product_ids": [ "CSAFPID-0014" ], "url": "https://www.innomic.com/downloads/" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.1, "environmentalSeverity": "HIGH", "exploitCodeMaturity": "FUNCTIONAL", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 7.1, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:F/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0014" ] } ], "title": "Unintended Device Reset" }, { "cve": "CVE-2022-50977", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "category": "summary", "text": "The function to switch between multiple configuration presets via HTTP does not require authentication. An attacker with access to the network could use this functionality to disrupt normal operations if there is more than one configuration preset.", "title": "Vulnerability summary" } ], "product_status": { "known_affected": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ], "known_not_affected": [ "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0132", "CSAFPID-0133", "CSAFPID-0134", "CSAFPID-0135", "CSAFPID-0136", "CSAFPID-0137", "CSAFPID-0138", "CSAFPID-0139", "CSAFPID-0140", "CSAFPID-0141" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Isolate the network from the public internet and limit access to trustworthy devices (see section \"Network Security\" in the manual).\n\nIf only one configuration preset is required remove any other presets.", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.1, "environmentalSeverity": "HIGH", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "UNAVAILABLE", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 7.1, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ] } ], "title": "Unauthenticated Configuration Switch Via HTTP" }, { "cve": "CVE-2022-50978", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "category": "summary", "text": "The function to switch between multiple configuration presets via Modbus (TCP) does not require authentication. An attacker with access to the network could use this functionality to disrupt normal operations if there is more than one configuration preset.", "title": "Vulnerability summary" } ], "product_status": { "known_affected": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ], "known_not_affected": [ "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0132", "CSAFPID-0133", "CSAFPID-0134", "CSAFPID-0135", "CSAFPID-0136", "CSAFPID-0137", "CSAFPID-0138", "CSAFPID-0139", "CSAFPID-0140", "CSAFPID-0141" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Isolate the network from the public internet and limit access to trustworthy devices (see section \"Network Security\" in the manual).\n\nIf only one configuration preset is required remove any other presets.", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "environmentalScore": 7.1, "environmentalSeverity": "HIGH", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "UNAVAILABLE", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 7.1, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ] } ], "title": "Unauthenticated Configuration Switch Via Modbus (TCP)" }, { "cve": "CVE-2022-50979", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "category": "summary", "text": "The function to switch between multiple configuration presets via Modbus (RS485) does not require authentication. An attacker with access to the RS485 bus could use this functionality to disrupt normal operations if there is more than one configuration preset.", "title": "Vulnerability summary" } ], "product_status": { "known_affected": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ], "known_not_affected": [ "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0132", "CSAFPID-0133", "CSAFPID-0134", "CSAFPID-0135", "CSAFPID-0136", "CSAFPID-0137", "CSAFPID-0138", "CSAFPID-0139", "CSAFPID-0140", "CSAFPID-0141" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Limit access to the RS485 bus to trustworthy devices.\n\nIf only one configuration preset is required remove any other presets.", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 6.2, "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "UNAVAILABLE", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 6.2, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ] } ], "title": "Unauthenticated Configuration Switch Via Modbus (RS485)" }, { "cve": "CVE-2022-50980", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "category": "summary", "text": "The function to switch between multiple configuration presets via CAN does not require authentication. An attacker with access to the RS485 bus could use this functionality to disrupt normal operations if there is more than one configuration preset.", "title": "Vulnerability summary" } ], "product_status": { "known_affected": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ], "known_not_affected": [ "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0132", "CSAFPID-0133", "CSAFPID-0134", "CSAFPID-0135", "CSAFPID-0136", "CSAFPID-0137", "CSAFPID-0138", "CSAFPID-0139", "CSAFPID-0140", "CSAFPID-0141" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Limit access to the CAN bus to trustworthy devices.\n\nIf only one configuration preset is required remove any other presets.", "product_ids": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "environmentalScore": 6.2, "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "UNAVAILABLE", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 6.2, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061" ] } ], "title": "Unauthenticated Configuration Switch Via CAN" }, { "cve": "CVE-2022-50981", "cwe": { "id": "CWE-521", "name": "Weak Password Requirements" }, "notes": [ { "category": "summary", "text": "Devices are shipped without a password by default and setting a password is not enforced.", "title": "Vulnerability summary" } ], "product_status": { "known_affected": [ "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061", "CSAFPID-0132", "CSAFPID-0133", "CSAFPID-0134", "CSAFPID-0135", "CSAFPID-0136", "CSAFPID-0137", "CSAFPID-0138", "CSAFPID-0139", "CSAFPID-0140", "CSAFPID-0141" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Assign a password to the device on first use.", "product_ids": [ "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061", "CSAFPID-0132", "CSAFPID-0133", "CSAFPID-0134", "CSAFPID-0135", "CSAFPID-0136", "CSAFPID-0137", "CSAFPID-0138", "CSAFPID-0139", "CSAFPID-0140", "CSAFPID-0141" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "environmentalScore": 9, "environmentalSeverity": "CRITICAL", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "remediationLevel": "WORKAROUND", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 9, "temporalSeverity": "CRITICAL", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0032", "CSAFPID-0033", "CSAFPID-0034", "CSAFPID-0035", "CSAFPID-0036", "CSAFPID-0037", "CSAFPID-0038", "CSAFPID-0039", "CSAFPID-0040", "CSAFPID-0041", "CSAFPID-0052", "CSAFPID-0053", "CSAFPID-0054", "CSAFPID-0055", "CSAFPID-0056", "CSAFPID-0057", "CSAFPID-0058", "CSAFPID-0059", "CSAFPID-0060", "CSAFPID-0061", "CSAFPID-0132", "CSAFPID-0133", "CSAFPID-0134", "CSAFPID-0135", "CSAFPID-0136", "CSAFPID-0137", "CSAFPID-0138", "CSAFPID-0139", "CSAFPID-0140", "CSAFPID-0141" ] } ], "title": "No Password By Default" } ] }