CVE-2022-1368
Published 2022-09-06
Priority P262 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.78% (51.2th percentile)
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-306: Missing Authentication for Critical Function, which allows unauthorized users to change the operator account password via webserver commands by monitoring web socket communications from an unauthenticated session. This could allow an attacker to escalate privileges to match those of the compromised account.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cognex | 3d-a1000_dimensioning_system | all – 1.0.3 (3354) | — |
| cognex | 3d-a1000_dimensioning_system_firmware | <= 1.0.3 (3354) | — |
Detection & IOCs
- Monitor for unauthenticated WebSocket sessions that issue password-change commands to the Cognex 3D-A1000 web server; the vulnerability allows password changes via webserver commands observed from an unauthenticated session.
- Alert on any operator account password change events originating from unauthenticated WebSocket sessions on the Cognex 3D-A1000 device.
- Be aware that log entries showing a password change may be falsified by an attacker (CWE-117); do not rely solely on password-change log events for forensic confirmation of exploitation.
- Detect attempts to bypass web access controls, which rely on inspecting the client-side source code of password-protected web elements on the device (CWE-602); monitor for unexpected direct HTTP requests to protected endpoints that bypass the normal UI flow.
- The vulnerability affects firmware version 1.0.3 (3354) and prior; devices running release 1.2 PR2 or later are reportedly patched, so scope detection rules to unpatched firmware versions only.
- No known public exploits specifically targeted these vulnerabilities at the time of advisory publication, so threat hunting should be prioritized over signature-based detection.
CISA ICS
Cognex 3D-A1000 Dimensioning System
cisa_ics·2022-09-06·CVSS 9.8
[CRITICAL] Cognex 3D-A1000 Dimensioning System
ICS Advisory
## Cognex 3D-A1000 Dimensioning System
Last Revised: September 06, 2022
Alert Code: ICSA-22-249-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely, low attack complexity
- Vendor: Cognex
- Equipment: 3D-A1000 Dimensioning System
- Vulnerabilities: Missing Authentication for Critical Function, Improper Output Neutralization for Logs, Client-side Enforcement of Server-side Security
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in unauthorized password changes, escalation of privileges, falsifying of password logs, and by
GHSA
GHSA-j7fp-3pf5-h6cj: The Cognex 3D-A1000 Dimensioning System in firmware version 1
ghsa_unreviewed·2022-09-07
CVE-2022-1368 [CRITICAL] CWE-306 GHSA-j7fp-3pf5-h6cj: The Cognex 3D-A1000 Dimensioning System in firmware version 1
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-306: Missing Authentication for Critical Function, which allows unauthorized users to change the operator account password via webserver commands by monitoring web socket communications from an unauthenticated session. This could allow an attacker to escalate privileges to match those of the compromised account.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-09-06: Published