Details of VAR-202206-1494

ID

VAR-202206-1494

CVE

CVE-2022-33139

TITLE

Siemens' wincc open architecture Vulnerability related to the use of client-side authentication in

Trust: 0.8

sources: JVNDB: JVNDB-2022-012332

DESCRIPTION

A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated. Siemens' wincc open architecture contains a vulnerability related to the use of client-side authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-33139 // JVNDB: JVNDB-2022-012332 // VULMON: CVE-2022-33139

AFFECTED PRODUCTS

vendor:	siemens	model:	desigo cc	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	wincc open architecture	scope:	eq	version:	3.18	Trust: 1.0
vendor:	siemens	model:	cerberus dms	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	desigo cc compact	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	wincc open architecture	scope:	eq	version:	3.17	Trust: 1.0
vendor:	siemens	model:	wincc open architecture	scope:	eq	version:	3.16	Trust: 1.0
vendor:	シーメンス	model:	wincc open architecture	scope:	eq	version:	3.16	Trust: 0.8
vendor:	シーメンス	model:	wincc open architecture	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	wincc open architecture	scope:	eq	version:	3.18	Trust: 0.8
vendor:	シーメンス	model:	wincc open architecture	scope:	eq	version:	-	Trust: 0.8
vendor:	シーメンス	model:	wincc open architecture	scope:	eq	version:	3.17	Trust: 0.8

sources: JVNDB: JVNDB-2022-012332 // NVD: CVE-2022-33139

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-33139
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2022-33139
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202206-2079
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2022-33139
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-33139
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2022-33139
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-33139
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2022-33139 // JVNDB: JVNDB-2022-012332 // CNNVD: CNNVD-202206-2079 // NVD: CVE-2022-33139

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.0
problemtype:	CWE-603	Trust: 1.0
problemtype:	Using client-side authentication (CWE-603) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-012332 // NVD: CVE-2022-33139

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202206-2079

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202206-2079

PATCH

title:

Siemens SIMATIC WinCC OA Remediation measures for authorization problem vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=210287

Trust: 0.6

sources: CNNVD: CNNVD-202206-2079

EXTERNAL IDS

db:	NVD	id:	CVE-2022-33139	Trust: 3.3
db:	SIEMENS	id:	SSA-111512	Trust: 2.5
db:	SIEMENS	id:	SSA-836027	Trust: 2.5
db:	ICS CERT	id:	ICSA-22-172-06	Trust: 1.5
db:	ICS CERT	id:	ICSA-22-286-16	Trust: 1.4
db:	JVN	id:	JVNVU99030761	Trust: 0.8
db:	JVN	id:	JVNVU92214181	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-012332	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.3046	Trust: 0.6
db:	CNNVD	id:	CNNVD-202206-2079	Trust: 0.6
db:	VULMON	id:	CVE-2022-33139	Trust: 0.1

sources: VULMON: CVE-2022-33139 // JVNDB: JVNDB-2022-012332 // CNNVD: CNNVD-202206-2079 // NVD: CVE-2022-33139

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf	Trust: 2.5
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-836027.pdf	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu99030761/	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu92214181/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-33139	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-172-06	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-16	Trust: 0.8
url:	https://vigilance.fr/vulnerability/simatic-wincc-oa-privilege-escalation-via-client-side-authentication-38638	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-286-16	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-172-06	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3046	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-33139/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/603.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-06	Trust: 0.1

sources: VULMON: CVE-2022-33139 // JVNDB: JVNDB-2022-012332 // CNNVD: CNNVD-202206-2079 // NVD: CVE-2022-33139

CREDITS

Siemens reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202206-2079

SOURCES

db:	VULMON	id:	CVE-2022-33139
db:	JVNDB	id:	JVNDB-2022-012332
db:	CNNVD	id:	CNNVD-202206-2079
db:	NVD	id:	CVE-2022-33139

LAST UPDATE DATE

2024-08-14T12:36:49.207000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2022-33139	date:	2022-10-11T00:00:00
db:	JVNDB	id:	JVNDB-2022-012332	date:	2023-08-29T08:02:00
db:	CNNVD	id:	CNNVD-202206-2079	date:	2022-10-14T00:00:00
db:	NVD	id:	CVE-2022-33139	date:	2024-02-13T17:21:45.563

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2022-33139	date:	2022-06-21T00:00:00
db:	JVNDB	id:	JVNDB-2022-012332	date:	2023-08-29T00:00:00
db:	CNNVD	id:	CNNVD-202206-2079	date:	2022-06-21T00:00:00
db:	NVD	id:	CVE-2022-33139	date:	2022-06-21T13:15:08.537