// For flags

CVE-2022-30312

 

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Trend Controls IC protocol through 2022-05-06 allows Cleartext Transmission of Sensitive Information. According to FSCT-2022-0050, there is a Trend Controls Inter-Controller (IC) protocol cleartext transmission of credentials issue. The affected components are characterized as: Inter-Controller (IC) protocol (57612/UDP). The potential impact is: Compromise of credentials. Several Trend Controls building automation controllers utilize the Inter-Controller (IC) protocol in for information exchange and automation purposes. This protocol offers authentication in the form of a 4-digit PIN in order to protect access to sensitive operations like strategy uploads and downloads as well as optional 0-30 character username and password protection for web page access protection. Both the PIN and usernames and passwords are transmitted in cleartext, allowing an attacker with passive interception capabilities to obtain these credentials. Credentials are transmitted in cleartext. An attacker who obtains Trend IC credentials can carry out sensitive engineering actions such as manipulating controller strategy or configuration settings. If the credentials in question are (re)used for other applications, their compromise could potentially facilitate lateral movement.

El protocolo IC de Trend Controls versiones hasta 06-05-2022, permite la transmisión en texto sin cifrar de información confidencial. De acuerdo con FSCT-2022-0050, se presenta un problema de transmisión de credenciales en texto sin cifrar del protocolo Inter-Controller (IC) de Trend Controls. Los componentes afectados se caracterizan como: Protocolo Inter-Controller (IC) (57612/UDP). El impacto potencial es: Compromiso de credenciales. Varios controladores de automatización de edificios de Trend Controls usan el protocolo Inter-Controller (IC) para el intercambio de información y la automatización. Este protocolo ofrece autenticación en forma de un PIN de 4 dígitos para proteger el acceso a operaciones confidenciales como las cargas y descargas de estrategias, así como una protección opcional de nombre de usuario y contraseña de 0 a 30 caracteres para la protección del acceso a la página web. Tanto el PIN como los nombres de usuario y las contraseñas se transmiten en texto sin cifrar, lo que permite a un atacante con capacidad de interceptación pasiva obtener estas credenciales. Las credenciales son transmitidas en texto sin cifrar. Un atacante que obtenga las credenciales de Trend IC puede llevar a cabo acciones de ingeniería confidenciales, como manipular la estrategia del controlador o los ajustes de configuración. Si las credenciales en cuestión son (re)usadas para otras aplicaciones, su compromiso podría facilitar potencialmente el movimiento lateral

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-05-06 CVE Reserved
  • 2022-09-07 CVE Published
  • 2024-03-30 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-319: Cleartext Transmission of Sensitive Information
CAPEC
References (2)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Honeywell
Search vendor "Honeywell"
Trend Iq412 Firmware
Search vendor "Honeywell" for product "Trend Iq412 Firmware"
*-
Affected
in Honeywell
Search vendor "Honeywell"
Trend Iq412
Search vendor "Honeywell" for product "Trend Iq412"
--
Safe
Honeywell
Search vendor "Honeywell"
Trend Iq411 Firmware
Search vendor "Honeywell" for product "Trend Iq411 Firmware"
*-
Affected
in Honeywell
Search vendor "Honeywell"
Trend Iq411
Search vendor "Honeywell" for product "Trend Iq411"
--
Safe
Honeywell
Search vendor "Honeywell"
Trend Iq422 Firmware
Search vendor "Honeywell" for product "Trend Iq422 Firmware"
*-
Affected
in Honeywell
Search vendor "Honeywell"
Trend Iq422
Search vendor "Honeywell" for product "Trend Iq422"
--
Safe
Honeywell
Search vendor "Honeywell"
Trend Iq4nc Firmware
Search vendor "Honeywell" for product "Trend Iq4nc Firmware"
*-
Affected
in Honeywell
Search vendor "Honeywell"
Trend Iq4nc
Search vendor "Honeywell" for product "Trend Iq4nc"
--
Safe
Honeywell
Search vendor "Honeywell"
Trend Iq4e Firmware
Search vendor "Honeywell" for product "Trend Iq4e Firmware"
*-
Affected
in Honeywell
Search vendor "Honeywell"
Trend Iq4e
Search vendor "Honeywell" for product "Trend Iq4e"
--
Safe