Weak Cryptographic Algorithm in Saia Burgess Controls PCD S-Bus Authentication
CVE-2022-30320

4.3MEDIUM

Key Information:

Vendor: Honeywell
Status: Saia Pg5 Controls Suite
Vendor: CVE Published:; 28 July 2022

What is CVE-2022-30320?

Saia Burgess Controls (SBC) PCD systems, operational until May 6, 2022, exhibit a significant vulnerability related to their S-Bus authentication mechanism. The use of a broken cryptographic algorithm exploits a weakness in the hashing scheme employed for credential verification. Specifically, the controllers rely on a CRC-16 based hashing method, which lacks cryptographic security, allowing potential attackers to intercept hashed credentials effortlessly. By analyzing the intercepted data, attackers can identify collisions and bypass authentication protocols, gaining unauthorized access to sensitive engineering functions. This exploit enables unauthorized manipulation of control logic and controller configurations, posing serious operational risks.

References

https://www.forescout.com/blog/

x_refsource_MISC

https://www.cisa.gov/uscert/ics/advisories/icsa-22-207-03

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 28, 2022
Vulnerability Reserved
May 6, 2022

Honeywell

What is CVE-2022-30320?

References

CVSS V3.1

Timeline