CVE-2022-26516 (GCVE-0-2022-26516)
Vulnerability from cvelistv5
Published
2022-04-20 15:30
Modified
2025-04-16 17:55
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Summary
Authorized users may install a maliciously modified package file when updating the device via the web user interface, because the update path does not sufficiently verify the authenticity of the uploaded package (CWE-345). The user may inadvertently use a package file obtained from an unauthorized source, or a file that was compromised between download and deployment. Red Lion states the DA50N series is end-of-life and will not release a software update for this issue; the vendor recommends applying the listed workarounds or migrating to the DA50A/DA70A.
References
| URL | Tags |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:03:32.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T17:29:37.598330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T17:55:19.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DA50N",
"vendor": "Red Lion",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-04-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-20T15:30:33.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
],
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"title": "ICSA-22-104-03 Red Lion DA50N",
"workarounds": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-04-14T21:16:00.000Z",
"ID": "CVE-2022-26516",
"STATE": "PUBLIC",
"TITLE": "ICSA-22-104-03 Red Lion DA50N"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DA50N",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "All",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Red Lion"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345 Insufficient Verification of Data Authenticity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03"
}
]
},
"source": {
"advisory": "ICSA-22-104-03",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\n\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\n\nDo not install image files that are obtained from sources other than the official Red Lion website.\nWhen downloading images from Red Lion\u2019s website, ensure the validity of the server\u2019s TLS certificate.\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\nEnsure the default UI password is changed to one meeting standard security practices.\nChange the admin, rlcuser and techsup account passwords from their default values.\nDisable the SSH service and keep the telnet service disabled if they are not required.\nDo not re\u2010use the same password for securing multiple resources.\nLimit access to configuration files that contain valuable credentials.\nEnsure the use of secure credentials when configuring optional services.\nEnable only the minimum set of optional services required for the application."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-26516",
"datePublished": "2022-04-20T15:30:33.553Z",
"dateReserved": "2022-03-21T00:00:00.000Z",
"dateUpdated": "2025-04-16T17:55:19.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T05:03:32.878Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-26516\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-16T17:29:37.598330Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-16T17:29:39.007Z\"}}], \"cna\": {\"title\": \"ICSA-22-104-03 Red Lion DA50N\", \"source\": {\"advisory\": \"ICSA-22-104-03\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Ron Brash of aDolus Technology Inc. 
reported these vulnerabilities to CISA.\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Red Lion\", \"product\": \"DA50N\", \"versions\": [{\"status\": \"affected\", \"version\": \"All\"}]}], \"datePublic\": \"2022-04-14T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03\", \"tags\": [\"x_refsource_MISC\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\\n\\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\\n\\nDo not install image files that are obtained from sources other than the official Red Lion website.\\nWhen downloading images from Red Lion\\u2019s website, ensure the validity of the server\\u2019s TLS certificate.\\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\\nEnsure the default UI password is changed to one meeting standard security practices.\\nChange the admin, rlcuser and techsup account passwords from their default values.\\nDisable the SSH service and keep the telnet service disabled if they are not required.\\nDo not re\\u2010use the same password for securing multiple resources.\\nLimit access to configuration files that contain 
valuable credentials.\\nEnsure the use of secure credentials when configuring optional services.\\nEnable only the minimum set of optional services required for the application.\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-345\", \"description\": \"CWE-345 Insufficient Verification of Data Authenticity\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2022-04-20T15:30:33.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"Ron Brash of aDolus Technology Inc. reported these vulnerabilities to CISA.\"}], \"impact\": {\"cvss\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"advisory\": \"ICSA-22-104-03\", \"discovery\": \"EXTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_name\": \"All\", \"version_value\": \"All\", \"version_affected\": \"=\"}]}, \"product_name\": \"DA50N\"}]}, \"vendor_name\": \"Red Lion\"}]}}, \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03\", 
\"name\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-345 Insufficient Verification of Data Authenticity\"}]}]}, \"work_around\": [{\"lang\": \"en\", \"value\": \"Red Lion notes the DA50N series product is at end-of-life and does not intend to release a software update to address these vulnerabilities. Users are encouraged to apply workarounds and mitigations or upgrade their device to DA50A and DA70A.\\n\\nRed Lion has provided the following workarounds to help mitigate the risk of these vulnerabilities:\\n\\nDo not install image files that are obtained from sources other than the official Red Lion website.\\nWhen downloading images from Red Lion\\u2019s website, ensure the validity of the server\\u2019s TLS certificate.\\nIf package files or images are to be stored before deployment, ensure they are stored in a secure manner.\\nMinimize the risk of unauthorized installation via SD card by limiting physical access to the device.\\nEnsure the default UI password is changed to one meeting standard security practices.\\nChange the admin, rlcuser and techsup account passwords from their default values.\\nDisable the SSH service and keep the telnet service disabled if they are not required.\\nDo not re\\u2010use the same password for securing multiple resources.\\nLimit access to configuration files that contain valuable credentials.\\nEnsure the use of secure credentials when configuring optional services.\\nEnable only the minimum set of optional services 
required for the application.\"}], \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-26516\", \"STATE\": \"PUBLIC\", \"TITLE\": \"ICSA-22-104-03 Red Lion DA50N\", \"ASSIGNER\": \"ics-cert@hq.dhs.gov\", \"DATE_PUBLIC\": \"2022-04-14T21:16:00.000Z\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-26516\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-16T17:55:19.628Z\", \"dateReserved\": \"2022-03-21T00:00:00.000Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2022-04-20T15:30:33.553Z\", \"assignerShortName\": \"icscert\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}