#VU68289 Missing Authorization in Siemens Hardware solutions


Published: 2022-10-13

Vulnerability identifier: #VU68289

Vulnerability risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31765

CWE-ID: CWE-862

Exploitation vector: Network

Exploit availability: No

Vulnerable software (category: Hardware solutions / Routers & switches, VoIP, GSM, etc):
SCALANCE SC622-2C
SCALANCE SC632-2C
SCALANCE SC636-2C
SCALANCE SC642-2C
SCALANCE SC646-2C
SCALANCE W721-1 RJ45
SCALANCE W722-1 RJ45
SCALANCE W734-1 RJ45
SCALANCE W738-1 M12
SCALANCE W748-1 M12
SCALANCE W748-1 RJ45
SCALANCE W761-1 RJ45
SCALANCE W774-1 M12 EEC
SCALANCE W774-1 RJ45
SCALANCE W778-1 M12
SCALANCE W778-1 M12 EEC
SCALANCE W786-1 RJ45
SCALANCE W786-2 RJ45
SCALANCE W786-2 SFP
SCALANCE W786-2IA RJ45
SCALANCE W788-1 M12
SCALANCE W788-1 RJ45
SCALANCE W788-2 M12
SCALANCE W788-2 M12 EEC
SCALANCE W788-2 RJ45
SCALANCE W1748-1 M12
SCALANCE W1788-1 M12
SCALANCE W1788-2 EEC M12
SCALANCE W1788-2 M12
SCALANCE W1788-2IA M12
SCALANCE WAM763-1
SCALANCE WAM766-1
SCALANCE WAM766-1 6GHz
SCALANCE WAM766-1 EEC
SCALANCE WUM763-1
SCALANCE WUM766-1
SCALANCE WUM766-1 6GHz
SCALANCE XB205-3
SCALANCE XB205-3LD
SCALANCE XB208
SCALANCE XB213-3
SCALANCE XB213-3LD
SCALANCE XB216
SCALANCE XC206-2
SCALANCE XC206-2G PoE
SCALANCE XC206-2G PoE EEC
SCALANCE XC206-2SFP
SCALANCE XC206-2SFP EEC
SCALANCE XC206-2SFP G
SCALANCE XC206-2SFP G EEC
SCALANCE XC208
SCALANCE XC208EEC
SCALANCE XC208G
SCALANCE XC208G EEC
SCALANCE XC208G PoE
SCALANCE XC216
SCALANCE XC216-3G PoE
SCALANCE XC216-4C
SCALANCE XC216-4C G
SCALANCE XC216-4C G EEC
SCALANCE XC216EEC
SCALANCE XC224
SCALANCE XC224-4C G
SCALANCE XC224-4C G EEC
SCALANCE XF204
SCALANCE XF204 DNA
SCALANCE XF204-2BA
SCALANCE XF204-2BA DNA
SCALANCE XM408-4C
SCALANCE XM408-8C
SCALANCE XM416-4C
SCALANCE XP208
SCALANCE XP208EEC
SCALANCE XP208PoE EEC
SCALANCE XP216
SCALANCE XP216EEC
SCALANCE XP216POE EEC
SCALANCE XR324WG
SCALANCE XR326-2C PoE WG
SCALANCE XR328-4C WG
SCALANCE XR524-8C
SCALANCE XR526-8C
SCALANCE XR528-6M
SCALANCE XR552-12M
SIPLUS NET SCALANCE XC206-2
SIPLUS NET SCALANCE XC206-2SFP
SIPLUS NET SCALANCE XC208
SIPLUS NET SCALANCE XC216-4C
RUGGEDCOM RM1224 LTE
SCALANCE M804PB
SCALANCE M812-1 ADSL-Router (Annex A)
SCALANCE M812-1 ADSL-Router (Annex B)
SCALANCE M816-1 ADSL-Router (Annex A)
SCALANCE M816-1 ADSL-Router (Annex B)
SCALANCE M826-2 SHDSL-Router
SCALANCE M874-2
SCALANCE M874-3
SCALANCE M876-3
SCALANCE M876-4
SCALANCE MUM853-1
SCALANCE MUM856-1

Vendor: Siemens

Description

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists because the affected device does not properly authorize the change password function of the web interface. A remote user can bypass authorization and escalate their privileges.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

SCALANCE SC622-2C: All versions

SCALANCE SC632-2C: All versions

SCALANCE SC636-2C: All versions

SCALANCE SC642-2C: All versions

SCALANCE SC646-2C: All versions

SCALANCE W721-1 RJ45: All versions

SCALANCE W722-1 RJ45: All versions

SCALANCE W734-1 RJ45: All versions

SCALANCE W738-1 M12: All versions

SCALANCE W748-1 M12: All versions

SCALANCE W748-1 RJ45: All versions

SCALANCE W761-1 RJ45: All versions

SCALANCE W774-1 M12 EEC: All versions

SCALANCE W774-1 RJ45: All versions

SCALANCE W778-1 M12: All versions

SCALANCE W778-1 M12 EEC: All versions

SCALANCE W786-1 RJ45: All versions

SCALANCE W786-2 RJ45: All versions

SCALANCE W786-2 SFP: All versions

SCALANCE W786-2IA RJ45: All versions

SCALANCE W788-1 M12: All versions

SCALANCE W788-1 RJ45: All versions

SCALANCE W788-2 M12: All versions

SCALANCE W788-2 M12 EEC: All versions

SCALANCE W788-2 RJ45: All versions

SCALANCE W1748-1 M12: All versions

SCALANCE W1788-1 M12: All versions

SCALANCE W1788-2 EEC M12: All versions

SCALANCE W1788-2 M12: All versions

SCALANCE W1788-2IA M12: All versions

SCALANCE WAM763-1: All versions

SCALANCE WAM766-1: All versions

SCALANCE WAM766-1 6GHz: All versions

SCALANCE WAM766-1 EEC: All versions

SCALANCE WUM763-1: All versions

SCALANCE WUM766-1: All versions

SCALANCE WUM766-1 6GHz: All versions

SCALANCE XB205-3: All versions

SCALANCE XB205-3LD: All versions

SCALANCE XB208: All versions

SCALANCE XB213-3: All versions

SCALANCE XB213-3LD: All versions

SCALANCE XB216: All versions

SCALANCE XC206-2: All versions

SCALANCE XC206-2G PoE: All versions

SCALANCE XC206-2G PoE EEC: All versions

SCALANCE XC206-2SFP: All versions

SCALANCE XC206-2SFP EEC: All versions

SCALANCE XC206-2SFP G: All versions

SCALANCE XC206-2SFP G EEC: All versions

SCALANCE XC208: All versions

SCALANCE XC208EEC: All versions

SCALANCE XC208G: All versions

SCALANCE XC208G EEC: All versions

SCALANCE XC208G PoE: All versions

SCALANCE XC216: All versions

SCALANCE XC216-3G PoE: All versions

SCALANCE XC216-4C: All versions

SCALANCE XC216-4C G: All versions

SCALANCE XC216-4C G EEC: All versions

SCALANCE XC216EEC: All versions

SCALANCE XC224: All versions

SCALANCE XC224-4C G: All versions

SCALANCE XC224-4C G EEC: All versions

SCALANCE XF204: All versions

SCALANCE XF204 DNA: All versions

SCALANCE XF204-2BA: All versions

SCALANCE XF204-2BA DNA: All versions

SCALANCE XM408-4C: All versions

SCALANCE XM408-8C: All versions

SCALANCE XM416-4C: All versions

SCALANCE XP208: All versions

SCALANCE XP208EEC: All versions

SCALANCE XP208PoE EEC: All versions

SCALANCE XP216: All versions

SCALANCE XP216EEC: All versions

SCALANCE XP216POE EEC: All versions

SCALANCE XR324WG: All versions

SCALANCE XR326-2C PoE WG: All versions

SCALANCE XR328-4C WG: All versions

SCALANCE XR524-8C: All versions

SCALANCE XR526-8C: All versions

SCALANCE XR528-6M: All versions

SCALANCE XR552-12M: All versions

SIPLUS NET SCALANCE XC206-2: All versions

SIPLUS NET SCALANCE XC206-2SFP: All versions

SIPLUS NET SCALANCE XC208: All versions

SIPLUS NET SCALANCE XC216-4C: All versions


External links
http://cert-portal.siemens.com/productcert/pdf/ssa-552702.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

