Detections
Analytics
Emerson Ovation Missing Authentication for Critical Function (CVE-2022-29966)
critical Tenable OT Security Plugin ID 502373
Synopsis
The remote OT asset is affected by a vulnerability.Description
The affected product has several protocols that have no authentication, which could allow an attacker to change controller configuration or cause a denial-of-service condition.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Emerson recommends the following:- Upgrade to the currently available release of Ovation 3.8.0 Feature Pack 3 for remediation of many of the identified vulnerabilities.
- Users are advised to consider the use of OCR3000 controllers, which offer an extra layer of protection that is not available to older controller models.
- Deploy and configure Ovation systems and related components as described in the Cybersecurity for Ovation Systems manual (OVREF1000).
- Users with questions or concerns regarding the impact of these vulnerabilities on Ovation should contact the Ovation-CERT by email or phone (1-800-445-9723, option 3).
See Also
https://www.cisa.gov/news-events/ics-advisories/icsa-24-158-02
Plugin Details
Severity: Critical
ID: 502373
Version: 1.2
Type: remote
Family: Tenable.ot
Published: 9/2/2024
Updated: 9/3/2024
Supported Sensors: Tenable OT Security
Risk Information
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/h:emerson:ovation_occ100, cpe:/h:emerson:ovation_ocr1100, cpe:/h:emerson:ovation_ocr3000, cpe:/h:emerson:ovation_ocr400
Required KB Items: Tenable.ot/Emerson
Exploit Ease: No known exploits are available
Patch Publication Date: 6/6/2023
Vulnerability Publication Date: 6/6/2023
Reference Information
CVE: CVE-2022-29966
ICSA: 24-158-02