CVE-2022-34765 : A CWE-73: External Control of File Name or Path vulnerability exists that could

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)

Published 2022-07-13 21:15:09

Updated 2022-07-21 19:54:58

Source Schneider Electric SE

View at NVD, CVE.org

Vulnerability category: File inclusion

Products affected by CVE-2022-34765

Schneider-electric » Opc Ua Module For M580 Firmware
Versions up to, including, (<=) 1.10
cpe:2.3:o:schneider-electric:opc_ua_module_for_m580_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » Opc Ua Module For M580 » Version: N/A
Schneider-electric » X80 Advanced Rtu Module Firmware
Versions from including (>=) 2.01
cpe:2.3:o:schneider-electric:x80_advanced_rtu_module_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Schneider-electric » X80 Advanced Rtu Module » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-34765

EPSS FAQ

0.15%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 37 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-34765

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H	1.2	4.2	Schneider Electric SE
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: High
5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: None

CWE ids for CVE-2022-34765

CWE-73 External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.

Assigned by: cybersecurity@se.com (Secondary)
CWE-668 Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-34765

https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules+_Security_Notification.pdf

Access Denied
Patch;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-34765

Products affected by CVE-2022-34765

Exploit prediction scoring system (EPSS) score for CVE-2022-34765

CVSS scores for CVE-2022-34765

CWE ids for CVE-2022-34765

References for CVE-2022-34765