OTPulse

Meridian Cooperative Meridian

Plan Patch | 7.5 | ICS-CERT ICSA-22-165-02 | Jun 14, 2022
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Meridian utility software versions 22.02 and 22.03 contain an improper access control vulnerability (CWE-284) that allows disclosure of sensitive information. The vulnerability has been resolved in version 22.04 and later.

What this means
What could happen
An attacker could obtain sensitive information from the Meridian utility software, potentially including configuration data or credentials that could be used for further attacks on energy infrastructure.
Who's at risk
Energy utilities and cooperatives using Meridian utility software for SCADA control, data acquisition, or operations management should prioritize this vulnerability. Any organization managing power distribution, generation, or transmission that relies on Meridian for supervisory functions is affected.
How it could be exploited
An attacker with network access to the Meridian software can exploit an access control weakness to read sensitive information without requiring authentication or user interaction. The attack does not require complex techniques.
Prerequisites
  • Network access to the Meridian utility software instance
  • No authentication required
remotely exploitable · no authentication required · low complexity · affects sensitive operational data
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
Meridian utility software | 22.02 | 22.04 or later
Meridian utility software | 22.03 | 22.04 or later
Remediation & Mitigation
Do now
HARDENING: Restrict network access to Meridian utility software to authorized engineering and operations staff only using firewall rules and network segmentation
HARDENING: Implement network monitoring to detect unauthorized access attempts to Meridian utility software instances
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade Meridian utility software to version 22.04 or later