{"api_version":"1","generated_at":"2026-04-23T04:52:45+00:00","cve":"CVE-2022-2334","urls":{"html":"https://cve.report/CVE-2022-2334","api":"https://cve.report/api/cve/CVE-2022-2334.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-2334","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-2334"},"summary":{"title":"CVE-2022-2334","description":"The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22.","state":"PUBLIC","assigner":"ics-cert@hq.dhs.gov","published_at":"2022-08-17 21:15:00","updated_at":"2022-08-19 12:52:00"},"problem_types":["CWE-427"],"metrics":[],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04","name":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04","refsource":"CONFIRM","tags":[],"title":"Softing Secure Integration Server | CISA","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html","name":"https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html","refsource":"CONFIRM","tags":[],"title":"SYT-2022-5: Remote code execution vulnerability in configuration restore functionality of Secure Integration Server","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-2334","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2334","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA.","lang":""}],"nvd_cpes":[{"cve_year":"2022","cve_id":"2334","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"softing","cpe5":"edgeaggregator","cpe6":"3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2334","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"softing","cpe5":"edgeconnector","cpe6":"3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2334","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"softing","cpe5":"opc","cpe6":"5.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2334","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"softing","cpe5":"opc_ua_c\\+\\+_software_development_kit","cpe6":"6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2334","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"softing","cpe5":"secure_integration_server","cpe6":"1.22","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"2334","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"softing","cpe5":"uagates","cpe6":"1.74","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-2334","qid":"591147","title":"Softing Secure Integration Server Multiple Vulnerabilities (ICSA-22-228-04)"},{"cve":"CVE-2022-2334","qid":"751731","title":"SUSE Enterprise Linux Security Update for wpa_supplicant (SUSE-SU-2022:0504-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","ID":"CVE-2022-2334","STATE":"PUBLIC","TITLE":"Softing Secure Integration Server Uncontrolled Search Path Element"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Secure Integration Server","version":{"version_data":[{"version_affected":"=","version_value":"V1.22"}]}}]},"vendor_name":"Softing"}]}},"credit":[{"lang":"eng","value":"Pedro Ribeiro and Radek Domanski, working with Trend Micro Zero Day Initiative, reported these vulnerabilities to Softing and CISA."}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-427: Uncontrolled Search Path Element"}]}]},"references":{"reference_data":[{"name":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04","refsource":"CONFIRM","url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04"},{"name":"https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html","refsource":"CONFIRM","url":"https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html"}]},"solution":[{"lang":"eng","value":"Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions:\nSofting Secure Integration Server V1.30 \n\nThe latest software packages can be downloaded from the Softing website. \n\nSofting recommends the following mitigations and workarounds: \nChange the admin password or create a new user with administrative rights and delete the default admin user. \nConfigure the Windows firewall to block network requests to IP port 9000. \nDisable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. \nFor more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website."}],"source":{"discovery":"EXTERNAL"}},"nvd":{"publishedDate":"2022-08-17 21:15:00","lastModifiedDate":"2022-08-19 12:52:00","problem_types":["CWE-427"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:softing:edgeaggregator:3.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:softing:secure_integration_server:1.22:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:softing:edgeconnector:3.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:softing:opc:5.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:softing:opc_ua_c\\+\\+_software_development_kit:6:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:softing:uagates:1.74:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}