無料スキャン
CRITICALCVE-2022-31483CVSS 9.1

認証済みユーザーによるOSDPファイルアップロードを介した任意のファイル書き込み

プラットフォーム

linux

コンポーネント

hid-mercury-intelligent-controllers

修正版

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

AI Confidence: highNVDEPSS 0.6%レビュー済み: 2026年5月
NVDで見る
保存
あなたの言語に翻訳中…

CVE-2022-31483 describes an Arbitrary File Access vulnerability present in HID Mercury Intelligent Controllers running firmware versions prior to 1.271. This vulnerability allows an authenticated attacker to upload files with manipulated filenames, enabling them to overwrite sensitive system files. Successful exploitation can lead to root access on the underlying Linux operating system, posing a significant security risk.

影響と攻撃シナリオ翻訳中…

The impact of CVE-2022-31483 is severe. An attacker exploiting this vulnerability can upload arbitrary files to any location on the controller's filesystem. This allows for the overwriting of critical system files, potentially leading to a complete compromise of the device. The attacker could install a startup service to maintain persistent remote access with root privileges, effectively establishing a backdoor. This could be leveraged for data exfiltration, denial of service, or further attacks against connected systems. The ability to gain root access represents a significant escalation of privileges and a substantial blast radius.

悪用の状況翻訳中…

CVE-2022-31483 was publicly disclosed on June 6, 2022. While no active exploitation campaigns have been publicly confirmed, the vulnerability's critical severity and ease of exploitation make it a potential target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, but the vulnerability's nature suggests that development is likely. The ability to achieve root access with relative ease increases the likelihood of exploitation.

リスク対象者翻訳中…

Organizations utilizing HID Mercury Intelligent Controllers in industrial control systems, building automation networks, or any environment where these controllers manage critical infrastructure are at significant risk. Specifically, deployments relying on older firmware versions (≤1.271) and those with limited network segmentation are particularly vulnerable. Shared hosting environments where multiple tenants share the same controller hardware also present an increased risk surface.

検出手順翻訳中…

• linux / server:

journalctl -u hid-mercury -f | grep -i "upload"

• linux / server:

find / -name '*..*' -print 2>/dev/null

• linux / server:

lsof -i :8080 # Check for unusual processes listening on web ports

攻撃タイムライン

  1. Disclosure

    disclosure

脅威インテリジェンス

エクスプロイト状況

概念実証不明
CISA KEVNO
インターネット露出

EPSS

0.62% (70% パーセンタイル)

CVSS ベクトル

脅威インテリジェンス· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H9.1CRITICALAttack VectorNetwork攻撃者がターゲットに到達する方法Attack ComplexityLow悪用に必要な条件Privileges RequiredHigh攻撃に必要な認証レベルUser InteractionNone被害者の操作が必要かどうかScopeChanged影響コンポーネント外への波及ConfidentialityHigh機密データ漏洩のリスクIntegrityHigh不正データ改ざんのリスクAvailabilityHighサービス障害のリスクnextguardhq.com · CVSS v3.1 基本スコア
これらのメトリクスの意味は?
Attack Vector
ネットワーク — インターネット経由でリモートから悪用可能。物理・ローカルアクセス不要。
Attack Complexity
低 — 特別な条件不要。安定して悪用可能。
Privileges Required
高 — 管理者または特権アカウントが必要。
User Interaction
なし — 自動かつ無音の攻撃。被害者は何もしない。
Scope
変化あり — 攻撃が脆弱なコンポーネントを超えて他のシステムに波及可能。
Confidentiality
高 — 機密性の完全喪失。全データが読み取り可能。
Integrity
高 — 任意のデータの書き込み・変更・削除が可能。
Availability
高 — 完全なクラッシュまたはリソース枯渇。完全なサービス拒否。

影響を受けるソフトウェア

コンポーネントhid-mercury-intelligent-controllers
ベンダーLenelS2
影響範囲修正版
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271

弱点分類 (CWE)

CWE-22

タイムライン

  1. 予約済み
  2. 公開日
  3. 更新日
  4. EPSS 更新日

緩和策と回避策翻訳中…

The primary mitigation for CVE-2022-31483 is to upgrade the HID Mercury Intelligent Controllers firmware to version 1.271 or later. If an immediate upgrade is not possible due to compatibility concerns or system downtime requirements, consider implementing stricter file upload validation on the web interface to prevent the injection of malicious filenames containing “..” and “/”. While not a complete solution, this can reduce the attack surface. Monitor system logs for unusual file creation or modification activity, particularly in sensitive system directories. After upgrading the firmware, verify the fix by attempting a file upload with a filename containing “..” and “/” – the upload should be rejected.

修正方法

HID Mercury Intelligent Controllersのファームウェアをバージョン1.271以降にアップデートしてください。これにより、任意のファイル書き込みとルート権限でのリモートアクセス取得を可能にする脆弱性が修正されます。

CVEセキュリティニュースレター

脆弱性分析と重要アラートをメールでお届けします。

よくある質問翻訳中…

What is CVE-2022-31483 — Arbitrary File Access in HID Mercury Controllers?

CVE-2022-31483 is a critical vulnerability allowing authenticated attackers to upload files to any location on HID Mercury Intelligent Controllers, potentially leading to root access and system compromise.

Am I affected by CVE-2022-31483 in HID Mercury Controllers?

You are affected if you are using HID Mercury Intelligent Controllers with firmware versions equal to or less than 1.271. Check your firmware version and upgrade immediately if necessary.

How do I fix CVE-2022-31483 in HID Mercury Controllers?

The recommended fix is to upgrade the firmware to version 1.271 or later. Implement stricter file upload validation as a temporary workaround if an upgrade is not immediately possible.

Is CVE-2022-31483 being actively exploited?

While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation suggest it is a potential target.

Where can I find the official HID advisory for CVE-2022-31483?

Refer to the HID advisory for detailed information and updates: https://www.hidglobal.com/security-advisory/hid-mercury-intelligent-controllers-arbitrary-file-access-vulnerability

あなたのプロジェクトは影響を受けていますか?

依存関係ファイルをアップロードすれば、このCVEや他のCVEがあなたに影響するか即座にわかります。

無料スキャンCVEを検索