CVE-2022-29952

Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.

CVSS v3.0 9.1 CRITICAL

9.1^/10

CVSS v3.0 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02	Mitigation Third Party Advisory US Government Resource
https://www.forescout.com/blog/	Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:bakerhughes:bently_nevada_3701\/40_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bakerhughes:bently_nevada_3701\/40:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:bakerhughes:bently_nevada_3701\/44_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bakerhughes:bently_nevada_3701\/44:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:bakerhughes:bently_nevada_3701\/46_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:bakerhughes:bently_nevada_3701\/46:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:bakerhughes:bently_nevada_60m100_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:bakerhughes:bently_nevada_60m100:-:*:*:*:*:*:*:*

Information

Published : 2022-07-26 15:15

Updated : 2022-08-02 13:53

NVD link : CVE-2022-29952

Mitre link : CVE-2022-29952

JSON object : View

CWE

CWE-306

Missing Authentication for Critical Function

Advertisement

Products Affected

bakerhughes

bently_nevada_3701\/44
bently_nevada_60m100_firmware
bently_nevada_3701\/44_firmware
bently_nevada_3701\/40_firmware
bently_nevada_60m100
bently_nevada_3701\/46_firmware
bently_nevada_3701\/46
bently_nevada_3701\/40

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02", "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "refsource": "MISC"}, {"url": "https://www.forescout.com/blog/", "name": "https://www.forescout.com/blog/", "tags": ["Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-306"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-29952", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 3.9}}, "publishedDate": "2022-07-26T22:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bakerhughes:bently_nevada_3701\\/40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.1"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bakerhughes:bently_nevada_3701\\/40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bakerhughes:bently_nevada_3701\\/44_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.1"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bakerhughes:bently_nevada_3701\\/44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bakerhughes:bently_nevada_3701\\/46_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.1"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bakerhughes:bently_nevada_3701\\/46:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:bakerhughes:bently_nevada_60m100_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:bakerhughes:bently_nevada_60m100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-08-02T20:53Z"}