Platform
windows
Component
triangle-microworks-scada-data-gateway
CVE-2022-0369 is a Remote Code Execution (RCE) vulnerability affecting the Triangle MicroWorks SCADA Data Gateway. This flaw allows authenticated attackers to bypass authentication and execute arbitrary code on vulnerable systems. The vulnerability impacts versions 5.01.01–5.01.01 of the SCADA Data Gateway and requires a fix to mitigate the risk.
The impact of CVE-2022-0369 is significant due to the potential for remote code execution. A successful exploit allows an attacker to gain complete control over the affected SCADA Data Gateway server. This could lead to data breaches, system compromise, and disruption of industrial control processes. Given the SCADA environment, the potential for physical damage or safety incidents exists if the gateway controls critical infrastructure. The ability to bypass authentication further exacerbates the risk, as it lowers the barrier to entry for attackers.
CVE-2022-0369 was published on 2024-05-07. Exploitation context is currently limited, but the ease of bypassing authentication suggests a potential for exploitation if a public proof-of-concept is released. The vulnerability's presence in a SCADA system warrants a high level of concern. Its inclusion in the KEV catalog is pending.
Exploit Status
EPSS
2.20% (84% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2022-0369 is to upgrade to a patched version of the Triangle MicroWorks SCADA Data Gateway as soon as it becomes available. Until a patch is available, consider implementing network segmentation to isolate the SCADA Data Gateway from other systems. Restrict access to the Restore Workspace functionality to trusted users only. Monitor system logs for suspicious activity related to file operations and authentication attempts. Implement a Web Application Firewall (WAF) with rules to block attempts to manipulate file paths or access restricted directories. After upgrade, confirm functionality by attempting a workspace restore and verifying no errors occur.
Update Triangle MicroWorks SCADA Data Gateway to a patched version that mitigates the directory traversal vulnerability. Consult the vendor's website for the latest version and upgrade instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2022-0369 is a Remote Code Execution vulnerability in Triangle MicroWorks SCADA Data Gateway versions 5.01.01–5.01.01, allowing attackers to execute arbitrary code by bypassing authentication.
If you are running Triangle MicroWorks SCADA Data Gateway version 5.01.01–5.01.01, you are potentially affected by this vulnerability. Check your version and apply the recommended mitigation.
The recommended fix is to upgrade to a patched version of the SCADA Data Gateway as soon as it becomes available. Until then, implement network segmentation and restrict access to the Restore Workspace feature.
While active exploitation is not currently confirmed, the ease of bypassing authentication suggests a potential for exploitation if a public proof-of-concept is released.
Refer to the Triangle MicroWorks website and security advisories for the latest information and patch releases regarding CVE-2022-0369.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.