CVE-2022-3158 Rockwell Automation VantagePoint versions 8.0-8.30 are vulnerable to an input validation vulnerability.

This issue was identified by the researchers at Secunia. Vulnerable installations of FactoryTalk VantagePoint are at risk of remote code execution. Users are advised to upgrade to version 8.31 or apply the latest patch as soon as possible. A complete list of all the software updates for this product can be found here. FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable to an input validation vulnerability. The FactoryTalk VantagePoint SQL Server lacks input validation when users enter SQL statements to retrieve information from the back-end database. If successfully exploited, this could allow a user with basic user privileges to perform remote code execution on the server.

FactoryTalk VantagePoint SQL Server Vulnerability


This vulnerability is a serious security flaw that can allow an attacker to execute code on the SQL Server running the VantagePoint application. If exploited, this can result in arbitrary data retrieval as well as denial-of-service (DoS) or complete system compromise. This issue was identified by the researchers at Secunia.

Vulnerable code

The following code is vulnerable to an input validation vulnerability:
sql = "SELECT * FROM '" + stmt + "'"

This SQL statement can be exploited with the following SQL injection attack:
x.x.x.x/FactoryTalk_VantagePoint/Database=MyDatabase/stmt=SELECT*FROM'
+"'ORDER BY 1; --%27--%27--%27--%27--%27--%27--%27--
sql = "SELECT * FROM '" + stmt + "' ORDER BY 1;"
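
The concatenation pattern above next to a hardened form, as an added example that is not code from the product or from the original page. It assumes an in-memory SQLite database standing in for the product's SQL Server; the table names, the allow-list and the function names are hypothetical.

```python
import sqlite3

ALLOWED_TABLES = frozenset({"tags", "reports"})  # hypothetical allow-list


def build_query_unsafe(stmt: str) -> str:
    # The pattern from the page: request text becomes part of the SQL grammar.
    return "SELECT * FROM '" + stmt + "'"


def fetch_rows(conn: sqlite3.Connection, table: str, min_id: int = 0) -> list:
    # Identifiers cannot be bound as parameters, so the table name is checked
    # against a fixed allow-list instead of being escaped or filtered.
    if table not in ALLOWED_TABLES:
        raise ValueError(f"table not permitted: {table!r}")
    # Values are bound with a placeholder and never concatenated.
    sql = f'SELECT id, name FROM "{table}" WHERE id >= ? ORDER BY 1'
    return conn.execute(sql, (min_id,)).fetchall()


def make_db() -> sqlite3.Connection:
    # Constructed sample data; SQLite stands in for the product's SQL Server.
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE tags (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE reports (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE accounts (id INTEGER PRIMARY KEY, name TEXT);
        INSERT INTO tags VALUES (1, 'Line1.Temp'), (2, 'Line1.Pressure');
        INSERT INTO accounts VALUES (1, 'admin');
        """
    )
    return conn


def is_rejected(conn: sqlite3.Connection, table: str) -> bool:
    # True when the hardened path refuses the requested table name.
    try:
        fetch_rows(conn, table)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print(build_query_unsafe("tags' ORDER BY 1; --"))  # quote ends the literal early
    print(fetch_rows(db, "tags", 2))
    print(is_rejected(db, "accounts"), is_rejected(db, "tags' ORDER BY 1; --"))
```

The allow-list rejects both a table that was never meant to be exposed and any input carrying quote or comment characters, because neither is an exact member of the permitted set.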

FactoryTalk VantagePoint - Back-to-Base vulnerability

The vulnerability essentially works by bypassing the security control measures implemented in the product. An attacker would need to provide a user with a specially crafted SQL query that can be executed on the back-end database. The vulnerability does not stem from the FactoryTalk VantagePoint installation itself, but from the lack of input validation when users enter SQL statements to retrieve information from the back-end database.
There is no mitigation for this specific vulnerability, as there is no fix for this issue. However, Secunia believes that all users of FactoryTalk VantagePoint should immediately upgrade to version 8.31 or apply the latest patch as soon as possible. This update provides protection against malicious attacks and will ensure that your software remains secure in all situations.

FactoryTalk VantagePoint: What is it?

FactoryTalk VantagePoint is a software platform that provides process control, data acquisition, and real-time enterprise performance management. The software is designed to help manufacturers automate their production processes and manage their fleet of vehicles.

Timeline

Published on: 10/17/2022 22:15:00 UTC
Last modified on: 10/20/2022 14:42:00 UTC
