Sprecher Automation SPRECON-E-C/P/T3 Improper Input Validation (CVE-2022-4332)

medium Tenable OT Security Plugin ID 502815

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerable firmware verification has been identified in the Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x. Through physical access and hardware manipulation, an attacker might be able to bypass the hardware-based code verification, and thus inject and execute arbitrary code and gain full access to the device.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The access vector is bound to physical device access. Hence, it is recommended to emphasize physical security controls. See general recommendations.
Besides this, note that the hardware manipulation needed to fully exploit this vulnerability requires taking the device out of operation for some time. Device status monitoring, as usually applied in substation automation, is therefore also an important measure for detecting potential attacks.

See Also

http://www.nessus.org/u?c0541169

Plugin Details

Severity: Medium

ID: 502815

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 1/23/2025

Updated: 1/24/2025

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-4332

CVSS v3

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:sprecher-automation:sprecon-e-c_firmware:-, cpe:/o:sprecher-automation:sprecon-e-p_ds6-0_firmware:-, cpe:/o:sprecher-automation:sprecon-e-t3_firmware:-, cpe:/o:sprecher-automation:sprecon-e-p_dq6-1_firmware:-, cpe:/o:sprecher-automation:sprecon-e-p_dl6-1_firmware:-, cpe:/o:sprecher-automation:sprecon-e-tc_ax-3110_firmware:-

Required KB Items: Tenable.ot/SprecherAutomation

Exploit Ease: No known exploits are available

Patch Publication Date: 6/1/2023

Vulnerability Publication Date: 6/1/2023

Reference Information

CVE: CVE-2022-4332

CWE: 20