CVE-2022-30242

Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller's function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered.

CVSS v3.0 6.8 MEDIUM

6.8^/10

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.honeywell.com/us/en/product-security	Vendor Advisory
https://github.com/scadafence/Honeywell-Alerton-Vulnerabilities	Third Party Advisory
https://blog.scadafence.com	Not Applicable

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:honeywell:alerton_ascent_control_module_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:honeywell:alerton_ascent_control_module:-:*:*:*:*:*:*:*

Information

Published : 2022-07-15 05:15

Updated : 2022-07-22 10:11

NVD link : CVE-2022-30242

Mitre link : CVE-2022-30242

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

honeywell

alerton_ascent_control_module
alerton_ascent_control_module_firmware

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.honeywell.com/us/en/product-security", "name": "https://www.honeywell.com/us/en/product-security", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://github.com/scadafence/Honeywell-Alerton-Vulnerabilities", "name": "https://github.com/scadafence/Honeywell-Alerton-Vulnerabilities", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://blog.scadafence.com", "name": "https://blog.scadafence.com", "tags": ["Not Applicable"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated configuration changes from remote users. This enables configuration data to be stored on the controller and then implemented. A user with malicious intent can send a crafted packet to change the controller configuration without the knowledge of other users, altering the controller's function capabilities. The changed configuration is not updated in the User Interface, which creates an inconsistency between the configuration display and the actual configuration on the controller. After the configuration change, remediation requires reverting to the correct configuration, requiring either physical or remote access depending on the configuration that was altered."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-30242", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.3}}, "publishedDate": "2022-07-15T12:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:honeywell:alerton_ascent_control_module_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2022-05-04"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:honeywell:alerton_ascent_control_module:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-07-22T17:11Z"}