Share: Email | Twitter

ID

VDE-2022-012

Published

2022-04-26 14:00 (CEST)

Last update

2022-05-16 16:15 (CEST)

Vendor(s)

Pepperl+Fuchs SE

Product(s)

Article No┬░ Product Name Affected Version(s)
BTC11-*-TS2-* = RM Shell Version 5.x, Windows 10 LTSC 2016
BTC11-*-TS3-* = RM Shell Version 5.x, Windows 10 LTSC 2016
BTC12-*-TS2-* = RM Shell Version 5.x, Windows 10 LTSC 2016
BTC12-*-TS3-* = RM Shell Version 5.x, Windows 10 LTSC 2019
BTC14-*-TS2-* = RM Shell Version 5.x, Windows 10 LTSC 2016
BTC14-*-TS3-* = RM Shell Version 5.x, Windows 10 LTSC 2019
PAD-EX01P8DZ2EURC0508256WIFRMS = RM Shell Version 5.x, Windows 10 LTSC 2019
RM2xx-*-T6-* = RM Shell Version 5.x, Windows 10 LTSC 2016
RM3207-*-T61-* = RM Shell Version 5.x, Windows 10 LTSC 2016
RM-320S-*-2-* = RM Shell Version 5.x, Windows 10 LTSC 2019
RM32xx-*-T61-* = RM Shell Version 5.x, Windows 10 LTSC 2016
RM37xx-*-T6-* = RM Shell Version 5.x, Windows 10 LTSC 2016
RM82xx-*-T61-* = RM Shell Version 5.x, Windows 10 LTSC 2016
RM87xx-*-T61-* = RM Shell Version 5.x, Windows 10 LTSC 2016
RM9xx-*-T61-* = RM Shell Version 5.x, Windows 10 LTSC 2016
RM-GXP-*-T2-* = RM Shell Version 5.x, Windows 10 LTSC 2016
RM-GXP-*-T3-* = RM Shell Version 5.x, Windows 10 LTSC 2019
UPGRADE-RMSHELL4-TO-SHELL5* = RM Shell Version 5.x, Windows 10 LTSC 2016
UPGRADE-TO-SHELL5-2019-LTSC* = RM Shell Version 5.x, Windows 10 LTSC 2019

Summary

Critical vulnerabilities have been discovered in the utilized component Remote Desktop Client by Microsoft.
For more information see: https://msrc.microsoft.com/update-guide/vulnerability/CVE- 2022-21990


Weakness

Insufficient Information  (NVD-CWE-noinfo) 

Summary

Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23285.


Impact

Pepperl+Fuchs analyzed and identified affected devices.

In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacking server with the vulnerable Remote Desktop Client.
The impact of the vulnerabilities on the affected device may result in

  • code execution

With the products mentioned above, the connection can only be established to RDP servers that have already been preconfigured by the role administrator or engineer. The role operator can therefore not connect to a random RDP server.

Solution

Mitigation

The following external protective measured are required:

  • Connect only to trusted RDP servers.
  • Protect your RDP servers with anti-virus software and Intrusion Detection System
    (=IDS)
  • Access control to RDP servers and the role administrator and engineer on the
    affected device.

UPDATE A

Solution

Install the following firmware with security patches to fix this vulnerability.
For products with Windows 10 LTSB 2016:
RM Image 5 Windows Cumulative Security Patch 03/2022 (KB5011495)

  • incl. 2021-09 Servicing Stack Update (KB5005698)
  • incl. Microsoft .NET Framework 4.7.2 for x64 (KB4054590)

Link: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-33624

For products with Windows 10 LTSC 2019:
RM Image 5.5 Windows Cumulative Security Patch for LTSC 03/2022 (KB5011503)

  • incl. 08/2021 Servicing Stack Update (KB5005112)

Link: https://www.pepperl-fuchs.com/cgi-bin/db/doci.pl/?ShowDocByDocNo=18-34182

Please note that the links provided are managed and point to the latest firmware available
for VisuNet devices.

END UPDATE A

Reported by

CERT@VDE coordinated with Pepperl+Fuchs.