CVE-2022-29952
CRITICALBently Nevada 3701/40, 3701/44, 3701/46, and 60m100 Firmware - Unauthenticated Critical Function Access via TDI Protocol
Title source: llmDescription
Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://www.forescout.com/blog/
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02
Scores
CVSS v3
9.1
EPSS
0.0086
EPSS Percentile
53.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Details
CWE
CWE-306
Status
published
Products (4)
bakerhughes/bently_nevada_3701\/40_firmware
< 4.1
bakerhughes/bently_nevada_3701\/44_firmware
< 4.1
bakerhughes/bently_nevada_3701\/46_firmware
< 4.1
bakerhughes/bently_nevada_60m100_firmware
Published
Jul 26, 2022
Tracked Since
Feb 18, 2026