CVE-2022-30319

Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls (SBC) PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus (5050/UDP) authentication. The potential impact is: Authentication bypass. The Saia Burgess Controls (SBC) PCD controllers utilize the S-Bus protocol (5050/UDP) for a variety of engineering purposes. It is possible to configure a password in order to restrict access to sensitive engineering functionality. Authentication functions on the basis of a MAC/IP whitelist with inactivity timeout to which an authenticated client's MAC/IP is stored. UDP traffic can be spoofed to bypass the whitelist-based access control. Since UDP is stateless, an attacker capable of passively observing traffic can spoof arbitrary messages using the MAC/IP of an authenticated client. This allows the attacker access to sensitive engineering functionality such as uploading/downloading control logic and manipulating controller configuration.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-03 Third Party Advisory US Government Resource
https://www.forescout.com/blog/ Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:honeywell:saia_pg5_controls_suite:-:*:*:*:*:*:*:*

History

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE CWE-287 CWE-290

10 Aug 2022, 14:12

Type Values Removed Values Added
CPE cpe:2.3:a:honeywell:saia_pg5_controls_suite:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.1
References (MISC) https://www.forescout.com/blog/ - (MISC) https://www.forescout.com/blog/ - Third Party Advisory
References (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-03 - (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-03 - Third Party Advisory, US Government Resource
CWE CWE-287

28 Jul 2022, 17:28

Type Values Removed Values Added
New CVE

Information

Published : 2022-07-28 16:15

Updated : 2024-02-09 03:27


NVD link : CVE-2022-30319

Mitre link : CVE-2022-30319

CVE.ORG link : CVE-2022-30319


JSON object : View

Products Affected

honeywell

  • saia_pg5_controls_suite
CWE
CWE-290

Authentication Bypass by Spoofing