cnvd - cnvd-2022-46963

cnvd-2022-46963

Vulnerability from cnvd

Title: Siemens SIMATIC WinCC OA客户端身份验证漏洞

Description:

Siemens SIMATIC WinCC OA是德国西门子（Siemens）公司的一个SCADA操作系统。用于控制和监视工业应用。

Siemens SIMATIC WinCC OA存在安全漏洞，该漏洞源于服务器端身份验证(SSA)和Kerberos身份验证均未启用时，应用程序仅使用客户端身份验证。攻击者利用该漏洞可以冒充其他用户或在未经身份验证的情况下利用客户端-服务器协议。

Severity: 高

Patch Name: Siemens SIMATIC WinCC OA客户端身份验证漏洞的补丁

Patch Description:

Siemens SIMATIC WinCC OA是德国西门子（Siemens）公司的一个SCADA操作系统。用于控制和监视工业应用。

Siemens SIMATIC WinCC OA存在安全漏洞，该漏洞源于服务器端身份验证(SSA)和Kerberos身份验证均未启用时，应用程序仅使用客户端身份验证。攻击者利用该漏洞可以冒充其他用户或在未经身份验证的情况下利用客户端-服务器协议。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/html/ssa-111512.html

Reference: https://cert-portal.siemens.com/productcert/html/ssa-111512.html

Impacted products

Name
['Siemens SIMATIC WinCC OA 3.17', 'Siemens SIMATIC WinCC OA 3.16', 'Siemens SIMATIC WinCC OA 3.18']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-33139"
    }
  },
  "description": "Siemens SIMATIC WinCC OA\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u4e2aSCADA\u64cd\u4f5c\u7cfb\u7edf\u3002\u7528\u4e8e\u63a7\u5236\u548c\u76d1\u89c6\u5de5\u4e1a\u5e94\u7528\u3002\n\nSiemens SIMATIC WinCC OA\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u670d\u52a1\u5668\u7aef\u8eab\u4efd\u9a8c\u8bc1(SSA)\u548cKerberos\u8eab\u4efd\u9a8c\u8bc1\u5747\u672a\u542f\u7528\u65f6\uff0c\u5e94\u7528\u7a0b\u5e8f\u4ec5\u4f7f\u7528\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u5192\u5145\u5176\u4ed6\u7528\u6237\u6216\u5728\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u60c5\u51b5\u4e0b\u5229\u7528\u5ba2\u6237\u7aef-\u670d\u52a1\u5668\u534f\u8bae\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-111512.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-46963",
  "openTime": "2022-06-23",
  "patchDescription": "Siemens SIMATIC WinCC OA\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u4e2aSCADA\u64cd\u4f5c\u7cfb\u7edf\u3002\u7528\u4e8e\u63a7\u5236\u548c\u76d1\u89c6\u5de5\u4e1a\u5e94\u7528\u3002\r\n\r\nSiemens SIMATIC WinCC OA\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u670d\u52a1\u5668\u7aef\u8eab\u4efd\u9a8c\u8bc1(SSA)\u548cKerberos\u8eab\u4efd\u9a8c\u8bc1\u5747\u672a\u542f\u7528\u65f6\uff0c\u5e94\u7528\u7a0b\u5e8f\u4ec5\u4f7f\u7528\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u5192\u5145\u5176\u4ed6\u7528\u6237\u6216\u5728\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u60c5\u51b5\u4e0b\u5229\u7528\u5ba2\u6237\u7aef-\u670d\u52a1\u5668\u534f\u8bae\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIMATIC WinCC OA\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens SIMATIC WinCC OA 3.17",
      "Siemens SIMATIC WinCC OA 3.16",
      "Siemens SIMATIC WinCC OA 3.18"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-111512.html",
  "serverity": "\u9ad8",
  "submitTime": "2022-06-22",
  "title": "Siemens SIMATIC WinCC OA\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e"
}

CVE-2022-33139 (GCVE-0-2022-33139)

Vulnerability from cvelistv5

Published

2022-06-21 00:00

Modified

2024-08-03 08:01

Severity ?

CWE

CWE-603 - Use of Client-Side Authentication

Summary

A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf
	https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf

Impacted products

Vendor

Product

Version

▼

Siemens

Cerberus DMS

Version: All versions

Siemens	Desigo CC	Version: All versions
Siemens	Desigo CC Compact	Version: All versions
Siemens	SIMATIC WinCC OA V3.16	Version: All versions in default configuration
Siemens	SIMATIC WinCC OA V3.17	Version: All versions in non-default configuration
Siemens	SIMATIC WinCC OA V3.18	Version: All versions in non-default configuration

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:01:20.028Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cerberus DMS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "Desigo CC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "Desigo CC Compact",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions in default configuration"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.17",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions in non-default configuration"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.18",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions in non-default configuration"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-603",
              "description": "CWE-603: Use of Client-Side Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-11T00:00:00",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-33139",
    "datePublished": "2022-06-21T00:00:00",
    "dateReserved": "2022-06-13T00:00:00",
    "dateUpdated": "2024-08-03T08:01:20.028Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted