Severity: Critical
Advisory ID: PN1606
Published Date: October 07, 2022
Last Updated: October 07, 2022
Revision Number: 1.0
Known Exploited Vulnerability (KEV): No
Corrected: No
Workaround: No
CVE IDs: CVE-2022-3158, CVE-2022-38743

Summary

FactoryTalk VantagePoint Software Broken Access Control and Input Validation Vulnerability

Revision History
Version 1.0 – October 06, 2022
 Executive Summary
  Rockwell Automation is aware of a broken access control and input validation vulnerability. If exploited, this vulnerability could potentially lead to a high impact on the confidentiality, a low impact on the integrity, and the availability of FactoryTalk® VantagePoint® software. 
 
Customers using affected versions of this software are encouraged to evaluate the following mitigations and apply them where appropriate. Additional details relating to the discovered vulnerability, including the products in scope, impact, and recommended countermeasures, are provided. We have not received any notice of this vulnerability being exploited in Rockwell Automation products.
Affected Products
  FactoryTalk VantagePoint software v. 8.0, 8.10, 8.20, 8.30, 8.31 
 Vulnerability Details
CVE-2022-38743 FactoryTalk VantagePoint Software Broken Access Control Vulnerability
As part of our commitment to security, Rockwell Automation performs routine testing and vulnerability scanning to maintain the security posture of products. Through penetration testing, we discovered a broken access control vulnerability. The FactoryTalk VantagePoint SQL Server account could allow a malicious user with read-only privileges to execute SQL statements in the back-end database.

CVE-2022-38743
CVSS Base Score: 9.9/10 (Critical)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVE-2022-3158 FactoryTalk VantagePoint Software Input Validation Vulnerability
Additionally, the device lacks input validation when users enter SQL statements to retrieve information from the back-end database. This vulnerability could potentially allow a user with basic user privileges to perform remote code execution on the server.

CVE-2022-3158
CVSS Base Score: 9.9/10 (Critical)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Risk Mitigation & User Action
Customers using the affected software are encouraged to update to an available software revision that addresses the associated risk. Customers who are unable to update are encouraged to apply the following configurable risk mitigations to help reduce the risk associated with this vulnerability. We also recommend that customers combine risk mitigations with security best practices to employ a defense-in-depth approach.
   
 
| Mitigation | Action |
| --- | --- |
| Mitigation A | Update to FactoryTalk VantagePoint V8.00/8.10/8.20/8.30/8.31 or later. BF28452 - Patch: Multiple issues, FactoryTalk VantagePoint 8.00/8.10/8.20/8.30/8.31 |
| Mitigation B | If customers are unable to update the firmware, we suggest customers configure the database to follow the least privilege principle. |
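
One way to review Mitigation B on a Microsoft SQL Server back end, as an added example that is not part of Rockwell Automation's advisory: the T-SQL below lists every server role, database role and explicit permission held by the login the application connects with, so that anything beyond what the application needs can be revoked. The login name is a placeholder (the advisory does not name the account), and the surface-area check in step 5 is general SQL Server hardening rather than something the advisory states.

```sql
-- Added example: least-privilege review of one SQL Server login.
-- @login is a PLACEHOLDER; substitute the account your FactoryTalk
-- VantagePoint installation uses to reach its back-end database.
DECLARE @login sysname = N'<vantagepoint_sql_login>';

-- 1. Server-level roles held by the login (sysadmin, serveradmin, ...).
--    A reporting/application account normally needs none of these.
SELECT r.name AS server_role
FROM sys.server_role_members AS m
JOIN sys.server_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.server_principals AS p ON p.principal_id = m.member_principal_id
WHERE p.name = @login;

-- 2. Explicit server-level permissions other than the right to connect.
SELECT sp.permission_name, sp.state_desc
FROM sys.server_permissions AS sp
JOIN sys.server_principals AS p ON p.principal_id = sp.grantee_principal_id
WHERE p.name = @login
  AND sp.permission_name <> N'CONNECT SQL';

-- 3. Database roles in the CURRENT database (run this inside each
--    database the login is mapped to). db_owner or db_ddladmin here
--    is broader than a read-mostly application requires.
SELECT r.name AS database_role
FROM sys.database_role_members AS m
JOIN sys.database_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.database_principals AS u ON u.principal_id = m.member_principal_id
WHERE u.sid = SUSER_SID(@login);

-- 4. Explicit database permissions granted or denied to the mapped user.
SELECT dp.class_desc,
       dp.permission_name,
       dp.state_desc,
       CASE WHEN dp.class = 1 THEN OBJECT_NAME(dp.major_id) END AS object_name
FROM sys.database_permissions AS dp
JOIN sys.database_principals AS u ON u.principal_id = dp.grantee_principal_id
WHERE u.sid = SUSER_SID(@login)
ORDER BY dp.class_desc, dp.permission_name;

-- 5. Instance options that extend what a SQL session can do on the host.
--    value_in_use = 1 means the option is enabled.
SELECT name, value_in_use
FROM sys.configurations
WHERE name IN (N'xp_cmdshell', N'Ole Automation Procedures', N'clr enabled');
```

Empty result sets for steps 1 and 2, and only the narrow roles or object-level grants the application needs in steps 3 and 4, are the outcome to aim for.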
Copyright ©2022 Rockwell Automation, Inc.