Yokogawa CAMS for HIS Violation of Secure Design Principles (CVE-2022-30707)

high Tenable OT Security Plugin ID 500663

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed (CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00), CENTUM series where CAMS function is used (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R4.01.00 to R4.03.00), CENTUM series regardless of the use of CAMS function (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R5.01.00 to R5.04.20 and R6.01.00 to R6.09.00), Exaopc R3.72.00 to R3.80.00 (only if NTPF100-S6 'For CENTUM VP Support CAMS for HIS' is installed), B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01). If an adjacent attacker successfully compromises a computer using CAMS for HIS software, they can use credentials from the compromised machine to access data from another machine using CAMS for HIS software. This can lead to a disabling of CAMS for HIS software functions on any affected machines, or information disclosure/alteration. (CVE-2022-30707)

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Yokogawa has produced the following mitigations for the affected products:

- CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class):
- No software patch will be made available as these products are end-of-life. Upgrade systems to the latest version of CENTUM VP.
- CENTUM VP (Including CENTUM VP Entry Class):
- Versions R4.01.00 through R4.03.00, and R5.01.00 through R5.04.20
- No software patch will be made available as these products are end-of-life. Consider upgrading systems to the latest version of CENTUM VP.
- Versions R6.01.00 through R6.09.00
- Update systems to Version R6.09.00 and apply software patch R6.09.03
- Exaopc:
- Update systems to Version R3.80.00 and apply software patch R3.80.01
- B/M9000CS and B/M9000 VP:
- These products are not directly affected by the vulnerability. However, these products are affected if CENTUM is installed on the same PC. If CENTUM is installed, update as described above. Also update B/M9000 to the latest version.

Please see Yokogawa Security Advisory Report YSAR-22-0006 at the following locations for more information:

English

Japanese

For questions related to these mitigations, please contact Yokogawa.

See Also

https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-02

https://web-material3.yokogawa.com/19/32780/files/YSAR-22-0006-J.pdf

https://jvn.jp/vu/JVNVU92819891/index.html

https://web-material3.yokogawa.com/1/32780/files/YSAR-22-0006-E.pdf

Plugin Details

Severity: High

ID: 500663

Version: 1.10

Type: remote

Family: Tenable.ot

Published: 7/15/2022

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-30707

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:yokogawa:centum_cs_3000_firmware, cpe:/o:yokogawa:centum_cs_3000_entry_class_firmware, cpe:/o:yokogawa:centum_vp_entry_class_firmware:r6, cpe:/o:yokogawa:centum_vp_firmware:r4, cpe:/o:yokogawa:centum_vp_entry_class_firmware:r4, cpe:/o:yokogawa:centum_vp_firmware:r5, cpe:/o:yokogawa:centum_vp_entry_class_firmware:r5, cpe:/o:yokogawa:centum_vp_firmware:r6

Required KB Items: Tenable.ot/Yokogawa

Exploit Ease: No known exploits are available

Patch Publication Date: 6/28/2022

Vulnerability Publication Date: 6/28/2022

Reference Information

CVE: CVE-2022-30707

ICSA: 22-174-02