ID

VAR-202206-1494


CVE

CVE-2022-33139


TITLE

Siemens'  wincc open architecture  Vulnerability related to the use of client-side authentication in

Trust: 0.8

sources: JVNDB: JVNDB-2022-012332

DESCRIPTION

A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated. Siemens' wincc open architecture contains a vulnerability related to the use of client-side authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-33139 // JVNDB: JVNDB-2022-012332 // VULMON: CVE-2022-33139

AFFECTED PRODUCTS

vendor:siemensmodel:desigo ccscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:wincc open architecturescope:eqversion:3.18

Trust: 1.0

vendor:siemensmodel:cerberus dmsscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:desigo cc compactscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:wincc open architecturescope:eqversion:3.17

Trust: 1.0

vendor:siemensmodel:wincc open architecturescope:eqversion:3.16

Trust: 1.0

vendor:シーメンスmodel:wincc open architecturescope:eqversion:3.16

Trust: 0.8

vendor:シーメンスmodel:wincc open architecturescope: - version: -

Trust: 0.8

vendor:シーメンスmodel:wincc open architecturescope:eqversion:3.18

Trust: 0.8

vendor:シーメンスmodel:wincc open architecturescope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:wincc open architecturescope:eqversion:3.17

Trust: 0.8

sources: JVNDB: JVNDB-2022-012332 // NVD: CVE-2022-33139

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-33139
value: CRITICAL

Trust: 1.0

NVD: CVE-2022-33139
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202206-2079
value: CRITICAL

Trust: 0.6

VULMON: CVE-2022-33139
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-33139
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2022-33139
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-33139
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2022-33139 // JVNDB: JVNDB-2022-012332 // CNNVD: CNNVD-202206-2079 // NVD: CVE-2022-33139

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.0

problemtype:CWE-603

Trust: 1.0

problemtype:Using client-side authentication (CWE-603) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-012332 // NVD: CVE-2022-33139

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202206-2079

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202206-2079

PATCH

title:Siemens SIMATIC WinCC OA Remediation measures for authorization problem vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=210287

Trust: 0.6

sources: CNNVD: CNNVD-202206-2079

EXTERNAL IDS

db:NVDid:CVE-2022-33139

Trust: 3.3

db:SIEMENSid:SSA-111512

Trust: 2.5

db:SIEMENSid:SSA-836027

Trust: 2.5

db:ICS CERTid:ICSA-22-172-06

Trust: 1.5

db:ICS CERTid:ICSA-22-286-16

Trust: 1.4

db:JVNid:JVNVU99030761

Trust: 0.8

db:JVNid:JVNVU92214181

Trust: 0.8

db:JVNDBid:JVNDB-2022-012332

Trust: 0.8

db:AUSCERTid:ESB-2022.3046

Trust: 0.6

db:CNNVDid:CNNVD-202206-2079

Trust: 0.6

db:VULMONid:CVE-2022-33139

Trust: 0.1

sources: VULMON: CVE-2022-33139 // JVNDB: JVNDB-2022-012332 // CNNVD: CNNVD-202206-2079 // NVD: CVE-2022-33139

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf

Trust: 2.5

url:https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf

Trust: 2.5

url:https://jvn.jp/vu/jvnvu99030761/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu92214181/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-33139

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-172-06

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-16

Trust: 0.8

url:https://vigilance.fr/vulnerability/simatic-wincc-oa-privilege-escalation-via-client-side-authentication-38638

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-286-16

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-172-06

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3046

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-33139/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/603.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-06

Trust: 0.1

sources: VULMON: CVE-2022-33139 // JVNDB: JVNDB-2022-012332 // CNNVD: CNNVD-202206-2079 // NVD: CVE-2022-33139

CREDITS

Siemens reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202206-2079

SOURCES

db:VULMONid:CVE-2022-33139
db:JVNDBid:JVNDB-2022-012332
db:CNNVDid:CNNVD-202206-2079
db:NVDid:CVE-2022-33139

LAST UPDATE DATE

2024-08-14T12:36:49.207000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2022-33139date:2022-10-11T00:00:00
db:JVNDBid:JVNDB-2022-012332date:2023-08-29T08:02:00
db:CNNVDid:CNNVD-202206-2079date:2022-10-14T00:00:00
db:NVDid:CVE-2022-33139date:2024-02-13T17:21:45.563

SOURCES RELEASE DATE

db:VULMONid:CVE-2022-33139date:2022-06-21T00:00:00
db:JVNDBid:JVNDB-2022-012332date:2023-08-29T00:00:00
db:CNNVDid:CNNVD-202206-2079date:2022-06-21T00:00:00
db:NVDid:CVE-2022-33139date:2022-06-21T13:15:08.537