CVE-2022-1373 : Security Advisory and Response
Learn about CVE-2022-1373 impacting Softing Secure Integration Server V1.22. Discover the vulnerability details, its impact, and mitigation strategies to secure your systems.
Softing Secure Integration Server Relative Path Traversal vulnerability allows attackers to execute arbitrary code by exploiting the directory traversal flaw in handling zip files.
Understanding CVE-2022-1373
This vulnerability affects Softing's Secure Integration Server V1.22 due to the insecure handling of zip files, enabling malicious actors to execute code.
What is CVE-2022-1373?
The vulnerability arises from the 'restore configuration' feature of Softing Secure Integration Server V1.22, which can be manipulated to load and execute malicious dll files using crafted zip files.
The Impact of CVE-2022-1373
With a CVSS base score of 7.2 (High Severity), this vulnerability poses a significant threat to confidentiality, integrity, and availability by allowing unauthorized code execution.
Technical Details of CVE-2022-1373
This section delves into the specifics of the vulnerability.
Vulnerability Description
The flaw in the 'restore configuration' feature of Softing Secure Integration Server V1.22 enables directory traversal, leading to arbitrary code execution when processing malicious zip files.
Affected Systems and Versions
Softing Secure Integration Server V1.22 is confirmed to be impacted by this vulnerability.
Exploitation Mechanism
Attackers can exploit this vulnerability by crafting a zip file containing a path traversal file, which can then be uploaded via the 'restore configuration' feature to execute arbitrary code.
Mitigation and Prevention
To safeguard systems against CVE-2022-1373, immediate actions and long-term security measures are recommended.
Immediate Steps to Take
Users are advised to update to the latest version, Softing Secure Integration Server V1.30, which contains patches to address this vulnerability. Additionally, implementing security best practices such as changing default admin passwords, firewall configurations, and server settings can enhance protection.
Long-Term Security Practices
In the long term, users should regularly apply security updates, conduct security assessments, and follow vendor guidelines to maintain a secure environment.
Patching and Updates
Softing has released new versions to address CVE-2022-1373. Users are urged to update to Softing Secure Integration Server V1.30 and follow the provided mitigations to prevent exploitation.