CVE-2022-26303: 
Open Automation Software vulnerability analysis and mitigation

An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software (OAS) Platform V16.00.0112, identified as CVE-2022-26303. The vulnerability was discovered by Jared Rittle of Cisco Talos and publicly disclosed on May 25, 2022. This vulnerability affects the OAS Platform, which is designed to facilitate simplified data transfer between various proprietary devices and applications, including both software and hardware components (Talos Intelligence, Threatpost).

The vulnerability has a CVSS v3 score of 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) and is classified under CWE-306 (Missing Authentication for Critical Function). By sending a series of properly-formatted unauthenticated configuration messages to TCP port 58727, an attacker can create a new OAS user account and apply a custom Security Group. The vulnerability can be exploited through two main commands: SecureAddUser and SecureConfigValues, which allow for the creation of new user accounts and the application of custom security groups from an unauthenticated context (Talos Intelligence).

When successfully exploited, this vulnerability allows an attacker to create new user accounts with custom security group permissions on the OAS Platform. This access can be leveraged to make authenticated requests to the platform, potentially affecting critical infrastructure networks where OAS Platform is commonly deployed in industrial control systems (ICS), SCADA systems, and IoT devices (Threatpost).

The primary mitigation strategy is to prevent access to the configuration port (TCP/58727 by default) when not actively configuring the OAS Platform. Additionally, organizations should use a dedicated user account to run the OAS Platform with minimal necessary permissions. Proper network segmentation is recommended to ensure adversaries have the lowest possible level of access to the network on which the OAS Platform communicates (Talos Intelligence).