A vulnerability was found in AutomationDirect C-more EA9 HMI (SCADA Software). It has been classified as problematic. This affects an unknown code block. The manipulation with an unknown input leads to a cleartext transmission vulnerability. CWE is classifying the issue as CWE-319. The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. This is going to have an impact on confidentiality. The summary by CVE is:

AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an attacker to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;

The weakness was released 09/01/2022 as icsa-22-167-01. The advisory is shared at cisa.gov. This vulnerability is uniquely identified as CVE-2022-2005 since 06/06/2022. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1040 for this issue.

Upgrading to version 6.73 eliminates this vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• SCADA Software

Vendor

• AutomationDirect

Name

• C-more EA9 HMI

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion