Emerson DeltaV Distributed Control System Insufficient Verification of Data Authenticity (CVE-2022-30260)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(500725);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2022-30260");

  script_name(english:"Emerson DeltaV Distributed Control System Insufficient Verification of Data Authenticity (CVE-2022-30260)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Emerson DeltaV Distributed Control System (DCS) has insufficient
verification of firmware integrity (an inadequate checksum approach,
and no signature). This affects versions before 14.3 of DeltaV
M-series, DeltaV S-series, DeltaV P-series, DeltaV SIS, and DeltaV
CIOC/EIOC/WIOC IO cards.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://www.forescout.com/blog/");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/uscert/ics/advisories/icsa-22-181-03");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Emerson has provided the following mitigations or workarounds:

Emerson has corrected CVE-2022-29965 in all currently supported versions of DeltaV. For additional mitigations and
preventative measures, please see the Emerson Guardian Support Portal (login required).

Emerson has mitigated CVE-2022-29962, CVE-2022-29963, and CVE-2022-29964 in all currently supported versions of DeltaV.
Please see the Emerson Guardian Support Portal (login required) for more information.

Emerson corrected the Firmware image verification vulnerability in Version 14.3 and mitigated it in all other versions.
Please see the Emerson Guardian Support Portal (login required) for more information.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-30260");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(345);

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/12/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/01/05");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:emerson:deltav_distributed_control_system_sq_controller_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Emerson");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Emerson');

var asset = tenable_ot::assets::get(vendor:'Emerson');

var vuln_cpes = {
    "cpe:/o:emerson:deltav_distributed_control_system_sq_controller_firmware" :
        {"versionEndExcluding" : "14.3", "family" : "SSeries"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);