SNS: ASQ sofbus lacbus plugin null pointer dereferencing

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2022-015 CVE-2022-30279 02/09/2022 medium v1

Vulnerability details

The event logging of the ASQ sofbus lacbus plugin could lead to the dereferencing of a null pointer leading to the crash of SNS.

Impacted products

Stormshield Network Security medium SNS is impacted


Version Date Description
v1  05/12/2022 Initial release

Stormshield Network Security

CVSS v3.1 Overall Score: 6.2      


Impacted version

An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash.

  • SNS 4.3.3 to 4.3.7

Workaround solution


Disable sofbus lacbus ASQ plugin.
Or disable the “log by request” option in the plugin configuration (Token Log=0 in ConfigFiles/Protocols/Modbus/0x).

The 4.3.8 update will fix this vulnerability.

Attack Vector Attack Complexity Privileges Required User Interaction Scope Confidentiality Impact Integrity Impact Availability impact
Network High Low None Unchanged None None High
CVSS Base score: 5.3 CVSS Vector: (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Exploit Code Maturity Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 4.6 CVSS Vector: (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Confidentiality Requirement Integrity Requirement Availability Requirement
High High High
CVSS Environmental score: 6.2 CVSS Vector: (AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C/CR:H/IR:H/AR:H/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X)