#VU64429 Insufficient verification of data authenticity in SINEMA Remote Connect Server - CVE-2022-32252

Cybersecurity Help s.r.o.

Published: 2022-06-16

Vulnerability identifier: #VU64429

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-32252

CWE-ID: CWE-345

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
SINEMA Remote Connect Server
Server applications / SCADA systems

Vendor: Siemens

Description

The vulnerability allows a local user to compromsie the target system.

The vulnerability exists due to insufficient verification of data authenticity. A local administrator can trick a victim to install a malicious package and gain root privileges.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SINEMA Remote Connect Server: before 3.1

External links
https://cert-portal.siemens.com/productcert/txt/ssa-484086.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Siemens SINEMA Remote Connect Server