ICSA-22-132-10
Vulnerability from csaf_cisa
Published
2022-05-12 00:00
Modified
2022-06-16 00:00
Summary
Siemens Desigo PXC and DXR Devices
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to potentially intercept unencrypted transmission of sensitive information, cause a denial-of-service condition, perform remote code execution, or disable and reset a device to factory state.
Critical infrastructure sectors
Multiple Sectors
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/ics in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"names": [
"Andrea Palanca"
],
"organization": "Nozomi Networks",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to potentially intercept unencrypted transmission of sensitive information, cause a denial-of-service condition, perform remote code execution, or disable and reset a device to factory state.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Multiple Sectors",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/ics in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-132-10 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-132-10.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-132-10 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-10"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens Desigo PXC and DXR Devices",
"tracking": {
"current_release_date": "2022-06-16T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-132-10",
"initial_release_date": "2022-05-12T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-05-12T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-132-10 Siemens Desigo PXC and DXR Devices"
},
{
"date": "2022-06-16T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-22-132-10 Siemens Desigo PXC and DXR Devices (Update A)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 01.21.142.5-22",
"product": {
"name": "Desigo DXR2: All versions prior to v01.21.142.5-22",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Desigo DXR2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 01.21.142.4-18",
"product": {
"name": "Desigo PXC3: All versions prior to v01.21.142.4-18",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Desigo PXC3"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 02.20.142.10-10884",
"product": {
"name": "Desigo PXC4: All versions prior to v02.20.142.10-10884",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Desigo PXC4"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 02.20.142.10-10884",
"product": {
"name": "Desigo PXC5: All versions prior to v02.20.142.10-10884",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Desigo PXC5"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24039",
"cwe": {
"id": "CWE-75",
"name": "Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)"
},
"notes": [
{
"category": "summary",
"text": "The addCell JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document as it is possible to inject arbitrary content (e.g., XML tags) into the generated file. An attacker with restricted privileges could corrupt the content used to generate XLS reports to leverage the application to deliver malicious files against higher-privileged users and obtain remote code execution (RCE) against the administrator \u0027s workstation.CVE-2022-24039 has been assigned to this vulnerability. A CVSS v3 base score of 9.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "cwe.mitre.org",
"url": "https://cwe.mitre.org/data/definitions/75.html"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo DXR2: Update to v01.21.142.5-22 or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC3: Update to v01.21.142.4-18 or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC4: Update to v02.20.142.10-10884 or later ",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC5: Update to v02.20.142.10-10884 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact Siemens for update information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/advisories"
},
{
"category": "vendor_fix",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-626968",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-662649",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2022-24040",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial-of-service condition through CPU consumption by setting a PBKDF2 derived key with a high-cost effort, followed by a login attempt to the modified account.CVE-2022-24040 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24040"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo DXR2: Update to v01.21.142.5-22 or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC3: Update to v01.21.142.4-18 or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC4: Update to v02.20.142.10-10884 or later ",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC5: Update to v02.20.142.10-10884 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact Siemens for update information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/advisories"
},
{
"category": "vendor_fix",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-626968",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-662649",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2022-24041",
"cwe": {
"id": "CWE-916",
"name": "Use of Password Hash With Insufficient Computational Effort"
},
"notes": [
{
"category": "summary",
"text": "The web application stores the PBKDF2 derived key of user \u0027s passwords with a low iteration count. An attacker with user profile access privilege can retrieve the stored password hashes of other accounts and then successfully perform an offline cracking attack and recover the plaintext passwords of other users.CVE-2022-24041 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24041"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo DXR2: Update to v01.21.142.5-22 or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC3: Update to v01.21.142.4-18 or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC4: Update to v02.20.142.10-10884 or later ",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC5: Update to v02.20.142.10-10884 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact Siemens for update information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/advisories"
},
{
"category": "vendor_fix",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-626968",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-662649",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2022-24042",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"notes": [
{
"category": "summary",
"text": "The web application returns an AuthToken that does not expire at the defined auto logoff delay timeout. An attacker could capture this token and re-use old session credentials or session IDs for authorization.CVE-2022-24042 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24042"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo DXR2: Update to v01.21.142.5-22 or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC3: Update to v01.21.142.4-18 or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC4: Update to v02.20.142.10-10884 or later ",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC5: Update to v02.20.142.10-10884 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact Siemens for update information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/advisories"
},
{
"category": "vendor_fix",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-626968",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-662649",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2022-24043",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "The login functionality of the application fails to normalize the response times of login attempts performed with wrong usernames with the ones executed with correct usernames. A remote unauthenticated attacker could exploit this side-channel information to perform a username enumeration attack and identify valid usernames.CVE-2022-24043 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24043"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo DXR2: Update to v01.21.142.5-22 or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC3: Update to v01.21.142.4-18 or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC4: Update to v02.20.142.10-10884 or later ",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC5: Update to v02.20.142.10-10884 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact Siemens for update information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/advisories"
},
{
"category": "vendor_fix",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-626968",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-662649",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2022-24044",
"cwe": {
"id": "CWE-307",
"name": "Improper Restriction of Excessive Authentication Attempts"
},
"notes": [
{
"category": "summary",
"text": "The login functionality of the application does not employ countermeasures against password spraying attacks or credential stuffing attacks. An attacker could obtain a list of valid usernames on the device and use that list to perform a precise password spraying or credential stuffing attack to obtain access to at least one account.CVE-2022-24044 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24044"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo DXR2: Update to v01.21.142.5-22 or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC3: Update to v01.21.142.4-18 or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC4: Update to v02.20.142.10-10884 or later ",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC5: Update to v02.20.142.10-10884 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact Siemens for update information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/advisories"
},
{
"category": "vendor_fix",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-626968",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-662649",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2022-24045",
"cwe": {
"id": "CWE-614",
"name": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
},
"notes": [
{
"category": "summary",
"text": "Following a successful login, the application sets the session cookie on the browser via client-side JavaScript code without applying security attributes (such as Secure HttpOnly or SameSite). Any attempts to browse the application via unencrypted HTTP protocol would lead to the transmission of all session cookies in plaintext through the network. An attacker could then sniff the network and capture sensitive information.CVE-2022-24045 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24045"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo DXR2: Update to v01.21.142.5-22 or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC3: Update to v01.21.142.4-18 or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC4: Update to v02.20.142.10-10884 or later ",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC5: Update to v02.20.142.10-10884 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact Siemens for update information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/advisories"
},
{
"category": "vendor_fix",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-626968",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-662649",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2021-41545",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"notes": [
{
"category": "summary",
"text": "When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into a out of work state and could result in the controller going into a factory reset state.CVE-2021-41545 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41545"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo DXR2: Update to v01.21.142.5-22 or later",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC3: Update to v01.21.142.4-18 or later",
"product_ids": [
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC4: Update to v02.20.142.10-10884 or later ",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "Siemens recommends updating to the latest software version: Desigo PXC5: Update to v02.20.142.10-10884 or later",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Contact Siemens for update information.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.siemens.com/cert/advisories"
},
{
"category": "vendor_fix",
"details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens \u0027 operational guidelines for industrial security and following the recommendations in the product manuals.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-626968",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf"
},
{
"category": "vendor_fix",
"details": "For additional information, please refer to Siemens Security Advisory SSA-662649",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-662649.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…