#VU64428 Cryptographic issues in SINEMA Remote Connect Server - CVE-2022-27221


Vulnerability identifier: #VU64428

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-27221

CWE-ID: CWE-310

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SINEMA Remote Connect Server
Server applications / SCADA systems

Vendor: Siemens

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to a "BREACH" attack issue. A remote attacker in machine-in-the-middle can obtain plaintext secret values.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1

External links
https://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Siemens SINEMA Remote Connect Server