Multiple vulnerabilities in Siemens SINEMA Remote Connect Server



Published: 2022-06-15
Risk: Low
Patch available: Yes
Number of vulnerabilities: 2
CVE-ID: CVE-2022-27219, CVE-2022-27220
CWE-ID: CWE-358
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: SINEMA Remote Connect Server (Server applications / SCADA systems)

Vendor: Siemens

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Improperly implemented security check for standard

EUVDB-ID: #VU64409

Risk: Low

CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27219

CWE-ID: CWE-358 - Improperly Implemented Security Check for Standard

Exploit availability: No

Description

The vulnerability allows a remote attacker to mount client-side attacks against users of the management web interface.

The vulnerability exists because the web server of the affected application does not set the usual HTTP security headers, such as those that forbid framing of its pages or enforce HTTPS. Their absence leaves users of the web interface more exposed to clickjacking, channel downgrade attacks and similar client-side attack vectors.

Mitigation

Update to SINEMA Remote Connect Server 3.0 SP2 or later from the vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.0 SP2

External links

http://cert-portal.siemens.com/productcert/pdf/ssa-911567.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote, unauthenticated attacker via the Internet, but only with user interaction (CVSS UI:R): the victim must be lured to an attacker-controlled page or use the web interface over an attacker-controlled network path.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improperly implemented security check for standard

EUVDB-ID: #VU64410

Risk: Low

CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27220

CWE-ID: CWE-358 - Improperly Implemented Security Check for Standard

Exploit availability: No

Description

The vulnerability allows a remote attacker to mount client-side attacks against users of the management web interface.

The vulnerability exists because the web server of the affected application does not set the usual HTTP security headers, such as those that forbid framing of its pages or enforce HTTPS. Their absence leaves users of the web interface more exposed to clickjacking, channel downgrade attacks and similar client-side attack vectors.
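Both entries in this bulletin describe the same weakness, so one check serves both: a header audit a practitioner can run against the management web interface before and after installing 3.0 SP2. This is an added example and not code from the advisory or from Siemens. The header names are the standard ones; the recommended values, the 180-day HSTS threshold and the two embedded sample responses are this example's own assumptions, not observed SINEMA Remote Connect output.

```python
"""Audit an HTTP response for the security headers whose absence the
advisory describes (clickjacking and channel-downgrade protections).

Added example, not Siemens code. Recommended values and the HSTS
threshold below are this example's assumptions."""
import sys
import urllib.error
import urllib.request
from typing import Dict, List

# Header name -> what it protects against and an assumed hardened value.
EXPECTED = {
    "strict-transport-security": "channel downgrade / SSL stripping; max-age=31536000; includeSubDomains",
    "x-frame-options": "clickjacking (legacy control); DENY or SAMEORIGIN",
    "content-security-policy": "clickjacking via frame-ancestors plus script-injection limits",
    "x-content-type-options": "MIME sniffing; nosniff",
}
MIN_HSTS_AGE = 15552000  # 180 days; an assumed floor, not a standard mandate


def parse_raw_response(raw: str) -> Dict[str, str]:
    """Turn a raw HTTP/1.1 response head into {lowercase-name: value}.
    Repeated header names are joined with ', ' as RFC 9110 permits."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers: Dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        name, value = name.strip().lower(), value.strip()
        headers[name] = f"{headers[name]}, {value}" if name in headers else value
    return headers


def _hsts_max_age(value: str) -> int:
    """Extract max-age from an HSTS header value; 0 if absent or malformed."""
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        if key.lower() == "max-age" and val.strip().isdigit():
            return int(val.strip())
    return 0


def audit_headers(headers: Dict[str, str]) -> Dict[str, List[str]]:
    """Return {'missing': [...], 'weak': [...]} for a parsed header dict.
    'missing' lists absent headers; 'weak' lists present-but-ineffective ones."""
    h = {k.lower(): v for k, v in headers.items()}
    missing = [name for name in EXPECTED if name not in h]
    weak: List[str] = []
    if "strict-transport-security" in h and _hsts_max_age(h["strict-transport-security"]) < MIN_HSTS_AGE:
        weak.append("strict-transport-security: max-age below %d" % MIN_HSTS_AGE)
    if "x-frame-options" in h and h["x-frame-options"].strip().upper() not in ("DENY", "SAMEORIGIN"):
        weak.append("x-frame-options: value is not DENY or SAMEORIGIN")
    if "content-security-policy" in h and "frame-ancestors" not in h["content-security-policy"].lower():
        weak.append("content-security-policy: no frame-ancestors directive, so framing is still allowed")
    if "x-content-type-options" in h and h["x-content-type-options"].strip().lower() != "nosniff":
        weak.append("x-content-type-options: value is not nosniff")
    return {"missing": missing, "weak": weak}


def fetch_headers(url: str, timeout: float = 10.0) -> Dict[str, str]:
    """Live check: GET `url` and return its response headers, names lowercased.
    A 4xx/5xx still carries headers, so it is audited rather than treated as failure."""
    req = urllib.request.Request(url, headers={"User-Agent": "header-audit/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return {k.lower(): v for k, v in resp.getheaders()}
    except urllib.error.HTTPError as err:
        return {k.lower(): v for k, v in err.headers.items()}


# Constructed sample responses (not captured from a real SINEMA RC server).
UNHARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: nginx\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Set-Cookie: session=abc123; Path=/; HttpOnly\r\n"
    "\r\n"
    "<html>...</html>"
)
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: nginx\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
    "X-Frame-Options: DENY\r\n"
    "Content-Security-Policy: default-src 'self'; frame-ancestors 'none'\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "\r\n"
)

if __name__ == "__main__":
    if len(sys.argv) > 1:  # python header_audit.py https://sinema-rc.example/
        print(audit_headers(fetch_headers(sys.argv[1])))
    else:
        for label, raw in (("unhardened", UNHARDENED_RESPONSE), ("hardened", HARDENED_RESPONSE)):
            print(label, audit_headers(parse_raw_response(raw)))
```

Run it with the HTTPS URL of the management interface as its only argument; an empty `missing` and `weak` list after the update is the expected outcome. The `weak` checks matter as much as the `missing` ones: a Content-Security-Policy without `frame-ancestors` does nothing against clickjacking, and an HSTS header with a tiny `max-age` expires before it protects anyone.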

Mitigation

Update to SINEMA Remote Connect Server 3.0 SP2 or later from the vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.0 SP2

External links

http://cert-portal.siemens.com/productcert/pdf/ssa-911567.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote, unauthenticated attacker via the Internet, but only with user interaction (CVSS UI:R): the victim must be lured to an attacker-controlled page or use the web interface over an attacker-controlled network path.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
