JTEKT TOYOPUC Missing Authentication For Critical Function (CVE-2022-29951, CVE-2022-29958)

critical Tenable OT Security Plugin ID 500659

Synopsis

The remote OT asset may be affected by a vulnerability.

Description

The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that was listed in the OT:ICEFALL report. Ensure your OT deployments follow best practices including accurate inventory, separation of environments, and monitoring. This plugin will trigger on any device seen by Tenable.OT that matches a family or model listed in the OT:ICEFALL report.

Note: All findings need to be manually verified based on the advisory from the vendor, once released.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

JTEKT has provided the following workarounds:

- When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.
- Locate control system networks and remote devices behind firewalls and isolate them from the business network.
- Minimize network exposure for all control system devices and/or systems, use IP filter functions to allow only specific personal computer/device to connect, and ensure they are not accessible from the Internet.
- To prevent unauthorized devices from being connected to the free ports of the HUB, use a LAN port lock to close the free ports.

See Also

http://www.nessus.org/u?4901fbd6

https://www.forescout.com/research-labs/ot-icefall/

https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02

Plugin Details

Severity: Critical

ID: 500659

Version: 1.7

Type: remote

Family: Tenable.ot

Published: 6/23/2022

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-29958

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: x-cpe:/h:toyota:toyoda

Required KB Items: Tenable.ot/Toyota

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 6/22/2022

Reference Information

CVE: CVE-2022-29951, CVE-2022-29958