CVE-2022-29735

8.8 HIGH

📋 TL;DR

Delta Controls enteliTOUCH building automation controllers (firmware 3.40.3935, 3.40.3706 and 3.33.4005) have a cross-site request forgery (CSRF) vulnerability in their web interface. An attacker who lures an operator with a logged-in browser session onto a malicious page can make that browser submit state-changing requests to the controller, which the device accepts as if the operator had issued them. The attacker needs no credentials of their own, but does need an authenticated victim to load attacker-controlled content; the forged requests then run with that operator's privileges over the building automation system.

💻 Affected Systems

Products:
  • Delta Controls enteliTOUCH
Versions: 3.40.3935, 3.40.3706, 3.33.4005
Operating Systems: Embedded/Proprietary
Default Config Vulnerable: ⚠️ Yes
Notes: Affects specific firmware versions of enteliTOUCH building automation controllers.

📦 What is this software?

enteliTOUCH is a Delta Controls building automation controller with a built-in HTTP web interface through which operators monitor and change building control settings. The CSRF weakness is in that web interface.
⚠️ Risk & Real-World Impact

🔴

Worst Case

Forged requests run with the victim operator's privileges, so an administrator's session can be used to change controller configuration, manipulate building controls, alter accounts or expose the device further, and from there reach other systems the controller can talk to.

🟠

Likely Case

Unauthorized configuration or control changes made through a phished operator's browser session, leading to building system manipulation or service disruption.

🟢

If Mitigated

Limited impact where operators reach the device only from dedicated workstations or browser profiles that are not used for general browsing, and where a proxy or WAF in front of the device refuses state-changing requests that do not originate from the device's own pages.

🌐 Internet-Facing: HIGH - The attack runs from any web page the operator visits, so an internet-reachable device can be hit from anywhere; a directly exposed controller also makes the victim easier to find.
🏢 Internal Only: HIGH - CSRF rides the operator's own browser, which is already inside the trusted network. Segmentation that still allows operator browser access does not by itself block it; an operator inside the segment who opens an attacker's page is enough.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes (the attacker needs no credentials, but an authenticated operator must load the attacker's page or link, so user interaction is required)
Complexity: LOW

A crafted page or link makes the operator's browser send ordinary, valid web-interface requests to the device, which accepts them without an anti-CSRF token or origin check. No command injection is involved: the "commands" are legitimate controller actions issued under someone else's session. Public vulnerability details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check with Delta Controls for updated firmware

Vendor Advisory: https://www.deltacontrols.com/

Restart Required: Yes

Instructions:

1. Contact Delta Controls support for firmware that addresses CVE-2022-29735 on your enteliTOUCH model.
2. Back up the current configuration.
3. Apply the firmware update via the management interface.
4. Restart the device.
5. Verify functionality and confirm the reported firmware version is no longer one of the affected builds.

🔧 Temporary Workarounds

Network Segmentation (applies to: all affected versions)

Isolate enteliTOUCH devices on separate VLANs with strict firewall rules. This limits who can reach the web interface at all, but it does not stop a forged request that an operator's browser sends from inside the segment; pair it with the operator-side controls below.

Access Control (applies to: all affected versions)

Restrict HTTP access to the device to the IPs of designated operator workstations, and keep general web browsing off those workstations.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate enteliTOUCH devices from untrusted networks
  • Have operators use a dedicated browser profile (or workstation) for the device's web interface, log out when finished, and avoid browsing other sites while a session is open; CSRF needs a live session to ride on
  • Deploy a reverse proxy or web application firewall (WAF) in front of the device that refuses state-changing requests (POST, PUT, DELETE) whose Origin or Referer header does not name the device. The device itself cannot be made to issue anti-CSRF tokens without a firmware fix, so header enforcement is the practical stop-gap

🔍 How to Verify

Check if Vulnerable:

Check the device firmware version via the web interface or Delta's management software. If it is 3.40.3935, 3.40.3706 or 3.33.4005, the device is vulnerable. No fixed version is named here, so confirm with Delta Controls which build contains the CSRF fix.

Check Version:

Check via web interface at http://[device-ip]/ or through management software

Verify Fix Applied:

Confirm the reported firmware version is no longer one of the three affected builds and that Delta Controls identifies it as containing the fix for CVE-2022-29735.

📡 Detection & Monitoring

Log Indicators:

  • State-changing requests (POST, PUT, DELETE) to the enteliTOUCH web interface whose Referer or Origin names an external host, or that carry neither header
  • Configuration or setpoint changes recorded on the device at times no operator was making them, shortly after an operator visited an external site

Network Indicators:

  • Operator workstations sending requests to the device's HTTP port while their browser's Referer points to a site outside the building management network
  • Repeated identical POSTs to the device from several operator workstations, consistent with a shared phishing page

Note: the device's own logs are unlikely to record Referer or Origin. These indicators need a reverse proxy, WAF or network sensor (for example Zeek's http.log, which records both fields) in front of the device.

SIEM Query:

dest_ip="enteliTOUCH_IP" AND http_method IN ("POST","PUT","DELETE") AND NOT (http_referer LIKE "http://enteliTOUCH_IP/*" OR http_origin="http://enteliTOUCH_IP")
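The Origin/Referer rule suggested under "If You Can't Patch" and the SIEM query above are the same check applied at two points in time: at the proxy as a request arrives, and over proxy access logs afterwards. The Python below is an added example written for this page, not Delta Controls code and not a rule shipped by any WAF product. The device hostnames, the request paths and the log lines are constructed for illustration; the paths are not real enteliTOUCH endpoints.

```python
import re
from typing import Dict, Iterable, List, Optional, Tuple
from urllib.parse import urlsplit

# Hostnames/IPs under which operators legitimately reach the device.
# Assumed values for this example; substitute your own.
DEVICE_HOSTS = {"entelitouch-01.bms.example", "10.20.30.40"}

# Methods that change state on the device; CSRF is about these, not GET.
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def _host_of(url: Optional[str]) -> Optional[str]:
    """Host part of an absolute URL (lower-cased, port stripped), or None."""
    if not url or url == "-":
        return None
    return urlsplit(url).hostname


def allow_request(method: str, origin: str = "", referer: str = "") -> Tuple[bool, str]:
    """Reverse-proxy/WAF rule: admit a request to the device or refuse it.

    Read-only methods pass. For state-changing methods the browser-supplied
    Origin header must name the device; if Origin is absent, Referer is
    consulted instead. A request carrying neither is refused, because a
    cross-site form post from an old or privacy-hardened browser looks
    exactly like that. Returns (allowed, reason).
    """
    if method.upper() not in STATE_CHANGING:
        return True, "read-only method"
    if origin == "null":
        # Sandboxed iframes and some redirects send a literal "null" origin.
        return False, "opaque (null) Origin on state-changing request"
    origin_host = _host_of(origin)
    if origin_host is not None:
        if origin_host in DEVICE_HOSTS:
            return True, "Origin names the device"
        return False, f"cross-site Origin {origin_host}"
    referer_host = _host_of(referer)
    if referer_host is not None:
        if referer_host in DEVICE_HOSTS:
            return True, "Referer names the device"
        return False, f"cross-site Referer {referer_host}"
    return False, "no Origin or Referer on state-changing request"


# Combined-log style lines as a reverse proxy in front of the device might
# write them (client, timestamp, request line, status, bytes, Referer, UA).
# Constructed for this example; the paths are not real enteliTOUCH endpoints.
SAMPLE_LOG = """\
10.20.30.41 - - [12/May/2022:09:14:02 +0000] "GET /example/status HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.20.30.41 - - [12/May/2022:09:14:30 +0000] "POST /example/apply HTTP/1.1" 200 88 "http://10.20.30.40/example/edit" "Mozilla/5.0"
10.20.30.41 - - [12/May/2022:09:16:11 +0000] "POST /example/apply HTTP/1.1" 200 88 "http://attacker.example/bms-news.html" "Mozilla/5.0"
10.20.30.41 - - [12/May/2022:09:16:12 +0000] "POST /example/apply HTTP/1.1" 200 88 "-" "Mozilla/5.0"
""".splitlines()

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def triage_access_log(lines: Iterable[str]) -> List[Dict[str, Optional[str]]]:
    """Apply the same rule to proxy logs after the fact.

    Access logs normally record Referer but not Origin, so triage can only
    use Referer: state-changing requests whose Referer is foreign or missing
    are returned for review. A missing Referer is the weaker signal (privacy
    settings strip it) but still worth a look on a controller that should
    only ever be driven from its own pages.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real pipeline would count these
        method = m.group("method")
        allowed, reason = allow_request(method, origin="", referer=m.group("referer"))
        if allowed:
            continue
        hits.append({
            "src": m.group("src"),
            "ts": m.group("ts"),
            "method": method,
            "path": m.group("path"),
            "referer_host": _host_of(m.group("referer")),
            "reason": reason,
        })
    return hits


if __name__ == "__main__":
    for hit in triage_access_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['src']} {hit['method']} {hit['path']}: {hit['reason']}")
```

Run against the constructed log, the two POSTs at 09:16 are returned (foreign Referer, then no Referer) and the operator's own POST from the device's edit page is not. The strict "neither header" refusal is deliberate: it will also reject non-browser clients that talk to the device (scripts, integration software), so those need an explicit allow entry by source IP or client certificate before the rule goes inline.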
