Summary
COPA-DATA received a report from Security Researcher Ruben Santamarta detailing a security vulnerability in the zenon Logging Service, which is part of the zenon platform standard deployment. Based on this vulnerability, additional vulnerabilities concerning “Network Password is encrypted using a reversible algorithm” and “Database Password is encrypted using a reversible key” were discovered.
The following references identify these vulnerabilities:
CVE-2022-34836 zenon log server path traversal vulnerability
CVE-2022-34837 Network Password is encrypted using a reversible algorithm
CVE-2022-34838 Database Password is encrypted using a reversible algorithm
Description
These vulnerabilities affect the default deployment (without proper hardening) of the zenon platform. A successful exploit of the first issue could allow attackers remote access to arbitrary files on a system with a deployment of the zenon platform. Local files containing passwords could be obtained from a remote system. An attack against the hashing and encryption algorithm for the passwords using the additional vulnerabilities may provide additional privileges on the remote system or in the zenon network.
Patch Availability
COPA-DATA offers an official Build update mitigating the “CVE-2022-34836 zenon log server path traversal vulnerability”. The update is available for zenon versions 8.20 and 10 as zenon Builds 102334 and 102631, respectively.
For more information and additional mitigations, please check the attached document CD_SVA_2022_1.
Your Security Management Team