Vulnerability-Lookup

CVE-2022-33139 (GCVE-0-2022-33139)

Vulnerability from cvelistv5 – Published: 2022-06-21 00:00 – Updated: 2024-08-03 08:01

Summary

A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.

Severity ?

No CVSS data available.

CWE

CWE-603 - Use of Client-Side Authentication

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/pdf/s…

Impacted products

Vendor

Product

Version

Siemens

Cerberus DMS

Affected: All versions

Siemens	Desigo CC	Affected: All versions
Siemens	Desigo CC Compact	Affected: All versions
Siemens	SIMATIC WinCC OA V3.16	Affected: All versions in default configuration
Siemens	SIMATIC WinCC OA V3.17	Affected: All versions in non-default configuration
Siemens	SIMATIC WinCC OA V3.18	Affected: All versions in non-default configuration

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T08:01:20.028Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cerberus DMS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "Desigo CC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "Desigo CC Compact",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions in default configuration"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.17",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions in non-default configuration"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.18",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions in non-default configuration"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-603",
              "description": "CWE-603: Use of Client-Side Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-11T00:00:00",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-33139",
    "datePublished": "2022-06-21T00:00:00",
    "dateReserved": "2022-06-13T00:00:00",
    "dateUpdated": "2024-08-03T08:01:20.028Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2022-33139

Vulnerability from fkie_nvd - Published: 2022-06-21 13:15 - Updated: 2024-11-21 07:07

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	cerberus_dms	*
siemens	desigo_cc	*
siemens	desigo_cc_compact	*
siemens	wincc_open_architecture	3.16
siemens	wincc_open_architecture	3.17
siemens	wincc_open_architecture	3.18

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:cerberus_dms:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA0ADD9-466C-4F8F-B50E-95D8691C5083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D75ECA-E171-42BD-A475-A1DD4B9BE013",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_cc_compact:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CACBBE44-9869-4765-B55D-5A020CC56E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:wincc_open_architecture:3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE1A893-29AC-495A-9A8D-55EDCC7662C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:wincc_open_architecture:3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "20C1C682-0F47-48F8-A926-555F21268DF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:wincc_open_architecture:3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BB025B-E479-44BD-A8C7-9ABE52EF8288",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en Cerberus DMS (Todas las versiones), Desigo CC (Todas las versiones), Desigo CC Compact (Todas las versiones), SIMATIC WinCC OA V3.16 (Todas las versiones en configuraci\u00f3n por defecto), SIMATIC WinCC OA V3.17 (Todas las versiones en configuraci\u00f3n no por defecto), SIMATIC WinCC OA V3.18 (Todas las versiones en configuraci\u00f3n no por defecto). Las aplicaciones afectadas utilizan s\u00f3lo la autenticaci\u00f3n del lado del cliente, cuando no est\u00e1n habilitadas ni la autenticaci\u00f3n del lado del servidor (SSA) ni la autenticaci\u00f3n Kerberos. En esta configuraci\u00f3n, los atacantes podr\u00edan suplantar a otros usuarios o explotar el protocolo cliente-servidor sin ser autenticados"
    }
  ],
  "id": "CVE-2022-33139",
  "lastModified": "2024-11-21T07:07:35.323",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-06-21T13:15:08.537",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-603"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

CVE-2022-33139

Vulnerability from fstec - Published: 21.06.2022

Title

Уязвимость SCADA-системы SIMATIC WinCC, связанная с возможностью использования аутентификации на стороне клиента, позволяющая нарушителю повысить свои привилегии

Description

Уязвимость SCADA-системы SIMATIC WinCC связана с возможностью использования аутентификации на стороне клиента. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить свои привилегии

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Siemens AG, ООО «Автоматизация Производств»

Software Name

SIMATIC WinCC OA, SCADA-система APDAR (запись в едином реестре российских программ №29643)

Software Version

до 3.16 включительно (SIMATIC WinCC OA), до 3.17 включительно (SIMATIC WinCC OA), до 3.18 включительно (SIMATIC WinCC OA), 1.21.1 (SCADA-система APDAR), 3.17.23 (SCADA-система APDAR), 3.18.6 (SCADA-система APDAR), 3.18.11.03 (SCADA-система APDAR)

Possible Mitigations

Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программно-го обеспечения только после оценки всех сопутствующих рисков. Компенсирующие меры: - включение аутентификации на стороне сервера (SSA) или аутентификации Kerberos (доступны, начиная с версии 3.15); - использование физического либо логического ограничения доступа к вычислительной сети с промышленным оборудованием и программным обеспечением путем разграничения межсетевыми экранами с выделением отдельной подсети. Использование рекомендаций производителя: https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf https://nvd.nist.gov/vuln/detail/CVE-2022-33139

CWE

CWE-603

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Siemens AG, \u041e\u041e\u041e \u00ab\u0410\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u044f \u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 3.16 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (SIMATIC WinCC OA), \u0434\u043e 3.17 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (SIMATIC WinCC OA), \u0434\u043e 3.18 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (SIMATIC WinCC OA), 1.21.1 (SCADA-\u0441\u0438\u0441\u0442\u0435\u043c\u0430 APDAR), 3.17.23 (SCADA-\u0441\u0438\u0441\u0442\u0435\u043c\u0430 APDAR), 3.18.6 (SCADA-\u0441\u0438\u0441\u0442\u0435\u043c\u0430 APDAR), 3.18.11.03 (SCADA-\u0441\u0438\u0441\u0442\u0435\u043c\u0430 APDAR)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432.\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSA) \u0438\u043b\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Kerberos (\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 3.15);\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043b\u0438\u0431\u043e \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0441 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u043c \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0443\u0442\u0435\u043c \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u044d\u043a\u0440\u0430\u043d\u0430\u043c\u0438 \u0441 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0439 \u043f\u043e\u0434\u0441\u0435\u0442\u0438.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "21.06.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.01.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "23.06.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-03715",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-33139",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SIMATIC WinCC OA, SCADA-\u0441\u0438\u0441\u0442\u0435\u043c\u0430 APDAR (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211629643)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SCADA-\u0441\u0438\u0441\u0442\u0435\u043c\u044b SIMATIC WinCC, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CWE-603)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SCADA-\u0441\u0438\u0441\u0442\u0435\u043c\u044b SIMATIC WinCC \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-33139",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0410\u0421\u0423 \u0422\u041f, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0410\u0421\u0423 \u0422\u041f",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-603",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

GSD-2022-33139

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-33139

Aliases

CVE-2022-33139

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-33139",
    "description": "A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.",
    "id": "GSD-2022-33139"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-33139"
      ],
      "details": "A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.",
      "id": "GSD-2022-33139",
      "modified": "2023-12-13T01:19:23.086585Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2022-33139",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cerberus DMS",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Desigo CC",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Desigo CC Compact",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC OA V3.16",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions in default configuration"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC OA V3.17",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions in non-default configuration"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC OA V3.18",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions in non-default configuration"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-603: Use of Client-Side Authentication"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:siemens:cerberus_dms:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "9AA0ADD9-466C-4F8F-B50E-95D8691C5083",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:siemens:desigo_cc:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "90D75ECA-E171-42BD-A475-A1DD4B9BE013",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:siemens:desigo_cc_compact:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CACBBE44-9869-4765-B55D-5A020CC56E3B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:siemens:wincc_open_architecture:3.16:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DFE1A893-29AC-495A-9A8D-55EDCC7662C1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:siemens:wincc_open_architecture:3.17:*:*:*:*:*:*:*",
                    "matchCriteriaId": "20C1C682-0F47-48F8-A926-555F21268DF3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:siemens:wincc_open_architecture:3.18:*:*:*:*:*:*:*",
                    "matchCriteriaId": "05BB025B-E479-44BD-A8C7-9ABE52EF8288",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated."
          },
          {
            "lang": "es",
            "value": "Se ha identificado una vulnerabilidad en Cerberus DMS (Todas las versiones), Desigo CC (Todas las versiones), Desigo CC Compact (Todas las versiones), SIMATIC WinCC OA V3.16 (Todas las versiones en configuraci\u00f3n por defecto), SIMATIC WinCC OA V3.17 (Todas las versiones en configuraci\u00f3n no por defecto), SIMATIC WinCC OA V3.18 (Todas las versiones en configuraci\u00f3n no por defecto). Las aplicaciones afectadas utilizan s\u00f3lo la autenticaci\u00f3n del lado del cliente, cuando no est\u00e1n habilitadas ni la autenticaci\u00f3n del lado del servidor (SSA) ni la autenticaci\u00f3n Kerberos. En esta configuraci\u00f3n, los atacantes podr\u00edan suplantar a otros usuarios o explotar el protocolo cliente-servidor sin ser autenticados"
          }
        ],
        "id": "CVE-2022-33139",
        "lastModified": "2024-02-13T17:21:45.563",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              "exploitabilityScore": 8.6,
              "impactScore": 6.4,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2022-06-21T13:15:08.537",
        "references": [
          {
            "source": "productcert@siemens.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
          },
          {
            "source": "productcert@siemens.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
          }
        ],
        "sourceIdentifier": "productcert@siemens.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-603"
              }
            ],
            "source": "productcert@siemens.com",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-287"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

CERTFR-2022-AVI-574

Vulnerability from certfr_avis - Published: 2022-06-22 - Updated: 2022-06-22

Une vulnérabilité a été découverte dans Siemens SIMATIC WinCC OA. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

SIMATIC WinCC OA versions 3.16 dans la configuration par défaut
SIMATIC WinCC OA versions 3.17 dans une configuration différente de celle définie par défaut
SIMATIC WinCC OA versions 3.18 dans une configuration différente de celle définie par défaut

L'éditeur ne propose pas de correctif pour cette vulnérabilité, se référer aux mesures de contournement proposées dans l'avis.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-111512 du 21 juin 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eSIMATIC WinCC OA versions 3.16 dans la configuration par d\u00e9faut\u003c/li\u003e \u003cli\u003eSIMATIC WinCC OA versions 3.17 dans une configuration diff\u00e9rente de celle d\u00e9finie par d\u00e9faut\u003c/li\u003e \u003cli\u003eSIMATIC WinCC OA versions 3.18 dans une configuration diff\u00e9rente de celle d\u00e9finie par d\u00e9faut\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne propose pas de correctif pour cette vuln\u00e9rabilit\u00e9, se r\u00e9f\u00e9rer aux mesures de contournement propos\u00e9es dans l\u0027avis.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-33139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33139"
    }
  ],
  "initial_release_date": "2022-06-22T00:00:00",
  "last_revision_date": "2022-06-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-574",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Siemens SIMATIC WinCC OA. Elle\npermet \u00e0 un attaquant de provoquer un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Siemens SIMATIC WinCC OA",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-111512 du 21 juin 2022",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
    }
  ]
}

CERTFR-2022-AVI-897

Vulnerability from certfr_avis - Published: 2022-10-11 - Updated: 2022-10-11

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Siemens	N/A	Se référer aux bulletins de sécurité de l'éditeur (cf. section Documentation) pour la liste complète des systèmes affectés

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-697140 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-649853 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-552702 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-572005 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-501891 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-568427 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-928782 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-898115 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-384224 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-611756 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-935500 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-955858 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-313313 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-836027 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-360783 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-258115 du 11 octobre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Se r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur (cf. section Documentation) pour la liste compl\u00e8te des syst\u00e8mes affect\u00e9s",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-41665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41665"
    },
    {
      "name": "CVE-2022-41851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41851"
    },
    {
      "name": "CVE-2022-40179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40179"
    },
    {
      "name": "CVE-2022-40182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40182"
    },
    {
      "name": "CVE-2022-40181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40181"
    },
    {
      "name": "CVE-2022-37864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37864"
    },
    {
      "name": "CVE-2022-31766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31766"
    },
    {
      "name": "CVE-2022-38371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38371"
    },
    {
      "name": "CVE-2022-40177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40177"
    },
    {
      "name": "CVE-2022-40226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40226"
    },
    {
      "name": "CVE-2022-40176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40176"
    },
    {
      "name": "CVE-2022-36362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36362"
    },
    {
      "name": "CVE-2022-40180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40180"
    },
    {
      "name": "CVE-2022-40631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40631"
    },
    {
      "name": "CVE-2022-33139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33139"
    },
    {
      "name": "CVE-2022-40178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40178"
    },
    {
      "name": "CVE-2022-36361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36361"
    },
    {
      "name": "CVE-2022-36363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36363"
    },
    {
      "name": "CVE-2022-40147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40147"
    },
    {
      "name": "CVE-2022-38465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38465"
    },
    {
      "name": "CVE-2022-36360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36360"
    },
    {
      "name": "CVE-2022-40227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40227"
    },
    {
      "name": "CVE-2022-31765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31765"
    }
  ],
  "initial_release_date": "2022-10-11T00:00:00",
  "last_revision_date": "2022-10-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-897",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-10-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-697140 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-697140.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-649853 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-649853.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-552702 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-552702.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-572005 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-572005.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-501891 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-501891.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-568427 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-568427.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-928782 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-928782.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-898115 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssb-898115.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-384224 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-384224.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-611756 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-611756.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-935500 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-935500.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-955858 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-955858.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-313313 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-313313.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-836027 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-836027.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-360783 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-360783.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-258115 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-258115.html"
    }
  ]
}

GHSA-28C6-247X-R9MW

Vulnerability from github – Published: 2022-06-22 00:00 – Updated: 2022-06-30 00:00

Details

A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-33139"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287",
      "CWE-603"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-21T13:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.",
  "id": "GHSA-28c6-247x-r9mw",
  "modified": "2022-06-30T00:00:40Z",
  "published": "2022-06-22T00:00:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33139"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2022-46963

Vulnerability from cnvd - Published: 2022-06-23

Title

Siemens SIMATIC WinCC OA客户端身份验证漏洞

Description

Siemens SIMATIC WinCC OA是德国西门子（Siemens）公司的一个SCADA操作系统。用于控制和监视工业应用。 Siemens SIMATIC WinCC OA存在安全漏洞，该漏洞源于服务器端身份验证(SSA)和Kerberos身份验证均未启用时，应用程序仅使用客户端身份验证。攻击者利用该漏洞可以冒充其他用户或在未经身份验证的情况下利用客户端-服务器协议。

Severity

高

Patch Name

Siemens SIMATIC WinCC OA客户端身份验证漏洞的补丁

Patch Description

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/html/ssa-111512.html

Reference

https://cert-portal.siemens.com/productcert/html/ssa-111512.html

Impacted products

Name
['Siemens SIMATIC WinCC OA 3.17', 'Siemens SIMATIC WinCC OA 3.16', 'Siemens SIMATIC WinCC OA 3.18']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-33139"
    }
  },
  "description": "Siemens SIMATIC WinCC OA\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u4e2aSCADA\u64cd\u4f5c\u7cfb\u7edf\u3002\u7528\u4e8e\u63a7\u5236\u548c\u76d1\u89c6\u5de5\u4e1a\u5e94\u7528\u3002\n\nSiemens SIMATIC WinCC OA\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u670d\u52a1\u5668\u7aef\u8eab\u4efd\u9a8c\u8bc1(SSA)\u548cKerberos\u8eab\u4efd\u9a8c\u8bc1\u5747\u672a\u542f\u7528\u65f6\uff0c\u5e94\u7528\u7a0b\u5e8f\u4ec5\u4f7f\u7528\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u5192\u5145\u5176\u4ed6\u7528\u6237\u6216\u5728\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u60c5\u51b5\u4e0b\u5229\u7528\u5ba2\u6237\u7aef-\u670d\u52a1\u5668\u534f\u8bae\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-111512.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-46963",
  "openTime": "2022-06-23",
  "patchDescription": "Siemens SIMATIC WinCC OA\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u4e2aSCADA\u64cd\u4f5c\u7cfb\u7edf\u3002\u7528\u4e8e\u63a7\u5236\u548c\u76d1\u89c6\u5de5\u4e1a\u5e94\u7528\u3002\r\n\r\nSiemens SIMATIC WinCC OA\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u670d\u52a1\u5668\u7aef\u8eab\u4efd\u9a8c\u8bc1(SSA)\u548cKerberos\u8eab\u4efd\u9a8c\u8bc1\u5747\u672a\u542f\u7528\u65f6\uff0c\u5e94\u7528\u7a0b\u5e8f\u4ec5\u4f7f\u7528\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u5192\u5145\u5176\u4ed6\u7528\u6237\u6216\u5728\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u60c5\u51b5\u4e0b\u5229\u7528\u5ba2\u6237\u7aef-\u670d\u52a1\u5668\u534f\u8bae\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIMATIC WinCC OA\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens SIMATIC WinCC OA 3.17",
      "Siemens SIMATIC WinCC OA 3.16",
      "Siemens SIMATIC WinCC OA 3.18"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-111512.html",
  "serverity": "\u9ad8",
  "submitTime": "2022-06-22",
  "title": "Siemens SIMATIC WinCC OA\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-33139 (GCVE-0-2022-33139)

FKIE_CVE-2022-33139

CVE-2022-33139

GSD-2022-33139

CERTFR-2022-AVI-574

Solution

CERTFR-2022-AVI-897

Solution

GHSA-28C6-247X-R9MW

CNVD-2022-46963

Tags

Sightings

Nomenclature