Multiple vulnerabilities in Siemens SINEMA Remote Connect Server



Published: 2022-06-16 | Updated: 2022-09-21
Risk High
Patch available YES
Number of vulnerabilities 30
CVE-ID CVE-2022-22826
CVE-2022-25315
CVE-2022-25314
CVE-2022-25236
CVE-2022-22827
CVE-2022-22825
CVE-2022-22824
CVE-2022-22823
CVE-2021-22925
CVE-2022-25313
CVE-2022-25235
CVE-2022-23990
CVE-2022-23852
CVE-2022-22822
CVE-2021-46143
CVE-2021-45960
CVE-2021-22924
CVE-2022-29034
CVE-2022-32251
CVE-2022-32262
CVE-2022-27221
CVE-2022-32252
CVE-2022-32253
CVE-2022-32254
CVE-2022-32255
CVE-2022-32256
CVE-2022-32258
CVE-2022-32259
CVE-2022-32260
CVE-2022-32261
CWE-ID CWE-190
CWE-20
CWE-457
CWE-121
CWE-94
CWE-400
CWE-295
CWE-79
CWE-306
CWE-77
CWE-310
CWE-345
CWE-532
CWE-284
CWE-448
CWE-200
CWE-286
CWE-233
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
SINEMA Remote Connect Server
Server applications / SCADA systems

Vendor Siemens

Security Bulletin

This security bulletin contains information about 30 vulnerabilities.

1) Integer overflow

EUVDB-ID: #VU59649

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22826

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the nextScaffoldPart() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Integer overflow

EUVDB-ID: #VU60739

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-25315

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in storeRawNames function. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Integer overflow

EUVDB-ID: #VU60738

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-25314

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in copyString. A remote attacker can pass specially crafted data to the application, trigger integer overflow and cause a denial of service condition on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Input validation error

EUVDB-ID: #VU60733

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-25236

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper protection against insertion of namesep characters into namespace URIs in xmlparse.c. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

5) Integer overflow

EUVDB-ID: #VU59650

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22827

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the storeAtts() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

6) Integer overflow

EUVDB-ID: #VU59648

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22825

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the lookup() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

7) Integer overflow

EUVDB-ID: #VU59647

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22824

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the defineAttribute() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

8) Integer overflow

EUVDB-ID: #VU59646

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22823

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the build_model() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

9) Use of Uninitialized Variable

EUVDB-ID: #VU55149

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-22925

CWE-ID: CWE-457 - Use of Uninitialized Variable

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to usage of uninitialized variable in code, responsible for processing TELNET requests when parsing NEW_ENV variables. A remote attacker can force the affected application to connect to a telnet server under attackers control and read up to 1800 bytes from the uninitialized memory on the libcurl client system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

10) Stack-based buffer overflow

EUVDB-ID: #VU60737

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-25313

CWE-ID: CWE-121 - Stack-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in build_model. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

11) Code Injection

EUVDB-ID: #VU60736

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-25235

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the affected application lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. A remote attacker can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

12) Integer overflow

EUVDB-ID: #VU60114

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-23990

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the doProlog() function. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

13) Integer overflow

EUVDB-ID: #VU59966

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-23852

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

14) Integer overflow

EUVDB-ID: #VU59645

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-22822

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the addBinding() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

15) Integer overflow

EUVDB-ID: #VU59643

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-46143

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the doProlog() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

16) Resource exhaustion

EUVDB-ID: #VU59642

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-45960

CWE-ID: CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in the storeAtts() function in xmlparse.c. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

17) Improper Certificate Validation

EUVDB-ID: #VU55146

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-22924

CWE-ID: CWE-295 - Improper Certificate Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to errors in the logic when the config matching function does not take "issuer cert" into account and it compares the involved paths case insensitively. A remote attacker can gain access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

18) Cross-site scripting

EUVDB-ID: #VU64425

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29034

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web interface. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

19) Missing Authentication for Critical Function

EUVDB-ID: #VU64426

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32251

CWE-ID: CWE-306 - Missing Authentication for Critical Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to missing authentication verification for a resource used to change the roles and permissions of a user. A remote user can change the permissions of any user and gain the privileges of an administrative user

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

20) Command Injection

EUVDB-ID: #VU64427

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32262

CWE-ID: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The vulnerability exists due to improper input validation in the file upload server. A remote user can pass specially crafted data to the application and execute arbitrary commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

21) Cryptographic issues

EUVDB-ID: #VU64428

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-27221

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to a "BREACH" attack issue. A remote attacker in machine-in-the-middle can obtain plaintext secret values.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

22) Insufficient verification of data authenticity

EUVDB-ID: #VU64429

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32252

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a local user to compromsie the target system.

The vulnerability exists due to insufficient verification of data authenticity. A local administrator can trick a victim to install a malicious package and gain root privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

23) Input validation error

EUVDB-ID: #VU64431

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32253

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input. A remote administrator can print the OpenSSL certificate's password to a reachable file.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

24) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU64432

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32254

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to software stores sensitive information into log files. A remote user can send a specially crafted HTTP POST request to read the log files and gain access to sensitive data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

25) Improper access control

EUVDB-ID: #VU64435

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32255

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions and gain access to limited information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

26) Improper access control

EUVDB-ID: #VU64437

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32256

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote user can bypass implemented security restrictions and gain unauthorized access to privileged information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

27) Obsolete Feature in UI

EUVDB-ID: #VU64439

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32258

CWE-ID: CWE-448 - Obsolete Feature in UI

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected application contains an older feature that allows to import device configurations via a specific endpoint. A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

28) Information disclosure

EUVDB-ID: #VU64441

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32259

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the system images for installation or update contain unit test scripts with sensitive information. A remote attacker can gain information about testing architecture and also tamper with test configuration.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

29) Incorrect User Management

EUVDB-ID: #VU64442

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32260

CWE-ID: CWE-286 - Incorrect User Management

Exploit availability: No

Description

The vulnerability allows a local user to bypass authentication process.

The vulnerability exists due to the affected application creates temporary user credentials for UMC (User Management Component) users. A local administrator can use these temporary credentials for authentication bypass.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

30) Improper Handling of Parameters

EUVDB-ID: #VU64443

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32261

CWE-ID: CWE-233 - Improper Handling of Parameters

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected application contains a misconfiguration in the APT update. A remote attacker can add insecure packages to the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1


CPE2.3 External links

http://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###