critical
9.8
CWE
287
Advisory Published
Updated

CVE-2022-2336: Softing Secure Integration Server Improper Authentication

First published: Wed Aug 17 2022(Updated: )

Softing Secure Integration Server, edgeConnector, and edgeAggregator software ships with the default administrator credentials as `admin` and password as `admin`. This allows Softing to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the `admin` password. There is no warning or prompt to ask the user to change the default password, and to change the password, many steps are required.

Credit: ics-cert@hq.dhs.gov

Affected SoftwareAffected VersionHow to fix
Softing Secure Integration Server: Version 1.22 and prior
Softing edgeConnector=3.1
Softing edgeAggregator=3.1
Softing OPC UA C++ Server SDK=6
Softing OPC Suite=5.2
Softing uaGate=1.74
Softing edgeAggregator=3.1
Softing edgeConnector=3.1
Softing OPC=5.2
Softing Opc Ua C\+\+ Software Development Kit=6
Softing Secure Integration Server=1.22
Softing Uagates=1.74

Remedy

Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions: Softing Secure Integration Server V1.30 The latest software packages can be downloaded from the Softing website. Softing recommends the following mitigations and workarounds: Change the admin password or create a new user with administrative rights and delete the default admin user. Configure the Windows firewall to block network requests to IP port 9000. Disable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. For more details on these vulnerabilities and mitigations, users should see SYT-2022-6 on the Softing security website.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is CVE-2022-2336?

    CVE-2022-2336 is a vulnerability found in Softing Secure Integration Server, edgeConnector, and edgeAggregator software, where the default administrator credentials are set as username 'admin' and password 'admin'.

  • What is the severity level of CVE-2022-2336?

    The severity level of CVE-2022-2336 is critical with a CVSS score of 9.8.

  • Which software versions are affected by CVE-2022-2336?

    Softing Edgeaggregator version 3.1, Softing Edgeconnector version 3.1, Softing OPC version 5.2, Softing Opc Ua C++ Software Development Kit version 6, Softing Secure Integration Server version 1.22, and Softing Uagates version 1.74 are affected by CVE-2022-2336.

  • How can I fix CVE-2022-2336?

    To fix CVE-2022-2336, it is recommended to change the default administrator credentials (username: 'admin' and password: 'admin') to strong, unique credentials.

  • Where can I find more information about CVE-2022-2336?

    More information about CVE-2022-2336 can be found at the following references: [Reference 1](https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-6.html), [Reference 2](https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04).

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203