Sign-up

ID

VAR-202210-0382


CVE

CVE-2022-40181


TITLE

Cross-site scripting vulnerability in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018813

DESCRIPTION

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). The device embedded browser does not prevent interaction with alternative URI schemes when redirected to corresponding resources by web application code. By setting the homepage URI, the favorite URIs, or redirecting embedded browser users via JavaScript code to alternative scheme resources, a remote low privileged attacker can perform a range of attacks against the device, such as read arbitrary files on the filesystem, execute arbitrary JavaScript code in order to steal or manipulate the information on the screen, or trigger denial of service conditions. desigo pxm30-1 firmware, desigo pxm30.e firmware, desigo pxm40-1 Multiple Siemens products such as firmware contain a cross-site scripting vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Siemens Desigo PX is a set of building automation control system of Germany's Siemens (Siemens). Several Siemens products have an open redirection vulnerability

Trust: 2.16

sources: NVD: CVE-2022-40181 // JVNDB: JVNDB-2022-018813 // CNVD: CNVD-2022-91641

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-91641

AFFECTED PRODUCTS

vendor:siemensmodel:desigo pxm40.escope:ltversion:02.20.126.11-41

Trust: 1.0

vendor:siemensmodel:pxg3.w100-1scope:ltversion:02.20.126.11-37

Trust: 1.0

vendor:siemensmodel:desigo pxm30.escope:ltversion:02.20.126.11-41

Trust: 1.0

vendor:siemensmodel:pxg3.w200-1scope:ltversion:02.20.126.11-37

Trust: 1.0

vendor:siemensmodel:desigo pxm50.escope:ltversion:02.20.126.11-41

Trust: 1.0

vendor:siemensmodel:pxg3.w200-2scope:ltversion:02.20.126.11-41

Trust: 1.0

vendor:siemensmodel:desigo pxm40-1scope:ltversion:02.20.126.11-41

Trust: 1.0

vendor:siemensmodel:desigo pxm50-1scope:ltversion:02.20.126.11-41

Trust: 1.0

vendor:siemensmodel:pxg3.w100-2scope:ltversion:02.20.126.11-41

Trust: 1.0

vendor:siemensmodel:desigo pxm30-1scope:ltversion:02.20.126.11-41

Trust: 1.0

vendor:シーメンスmodel:pxg3.w100-2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxm30-1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:pxg3.w100-1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxm50-1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxm50.escope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxm30.escope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxm40-1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxm40.escope: - version: -

Trust: 0.8

vendor:シーメンスmodel:pxg3.w200-1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:pxg3.w200-2scope: - version: -

Trust: 0.8

vendor:siemensmodel:desigo pxm30-1scope:ltversion:v02.20.126.11-41

Trust: 0.6

vendor:siemensmodel:desigo pxm30.escope:ltversion:v02.20.126.11-41

Trust: 0.6

vendor:siemensmodel:desigo pxm40-1scope:ltversion:v02.20.126.11-41

Trust: 0.6

vendor:siemensmodel:desigo pxm40.escope:ltversion:v02.20.126.11-41

Trust: 0.6

vendor:siemensmodel:desigo pxm50-1scope:ltversion:v02.20.126.11-41

Trust: 0.6

vendor:siemensmodel:desigo pxm50.escope:ltversion:v02.20.126.11-41

Trust: 0.6

vendor:siemensmodel:pxg3.w100-1scope:eqversion:v02.20.126.11-37

Trust: 0.6

vendor:siemensmodel:pxg3.w100-2scope:ltversion:v02.20.126.11-41

Trust: 0.6

vendor:siemensmodel:pxg3.w200-1scope:eqversion:v02.20.126.11-37

Trust: 0.6

vendor:siemensmodel:pxg3.w200-2scope:ltversion:v02.20.126.11-41

Trust: 0.6

sources: CNVD: CNVD-2022-91641 // JVNDB: JVNDB-2022-018813 // NVD: CVE-2022-40181

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-40181
value: HIGH

Trust: 1.0

NVD: CVE-2022-40181
value: HIGH

Trust: 0.8

CNVD: CNVD-2022-91641
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202210-506
value: HIGH

Trust: 0.6

CNVD: CNVD-2022-91641
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:C/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-40181
baseSeverity: HIGH
baseScore: 8.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.5
version: 3.1

Trust: 1.0

NVD: CVE-2022-40181
baseSeverity: HIGH
baseScore: 8.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-91641 // JVNDB: JVNDB-2022-018813 // CNNVD: CNNVD-202210-506 // NVD: CVE-2022-40181

PROBLEMTYPE DATA

problemtype:CWE-84

Trust: 1.0

problemtype:CWE-79

Trust: 1.0

problemtype:Cross-site scripting (CWE-79) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-018813 // NVD: CVE-2022-40181

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-506

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-202210-506

PATCH

title:Patch for Several Siemens products open redirection vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/384536

Trust: 0.6

title:Multiple Siemens Fixes for product cross-site scripting vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=245138

Trust: 0.6

sources: CNVD: CNVD-2022-91641 // CNNVD: CNNVD-202210-506

EXTERNAL IDS

db:NVDid:CVE-2022-40181

Trust: 3.8

db:SIEMENSid:SSA-360783

Trust: 3.0

db:ICS CERTid:ICSA-22-286-06

Trust: 1.4

db:JVNid:JVNVU92214181

Trust: 0.8

db:JVNDBid:JVNDB-2022-018813

Trust: 0.8

db:CNVDid:CNVD-2022-91641

Trust: 0.6

db:AUSCERTid:ESB-2022.5098

Trust: 0.6

db:CNNVDid:CNNVD-202210-506

Trust: 0.6

sources: CNVD: CNVD-2022-91641 // JVNDB: JVNDB-2022-018813 // CNNVD: CNNVD-202210-506 // NVD: CVE-2022-40181

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf

Trust: 3.0

url:https://jvn.jp/vu/jvnvu92214181/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-40181

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-06

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.5098

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-286-06

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-40181/

Trust: 0.6

sources: CNVD: CNVD-2022-91641 // JVNDB: JVNDB-2022-018813 // CNNVD: CNNVD-202210-506 // NVD: CVE-2022-40181

CREDITS

Siemens reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202210-506

SOURCES

db:CNVDid:CNVD-2022-91641
db:JVNDBid:JVNDB-2022-018813
db:CNNVDid:CNNVD-202210-506
db:NVDid:CVE-2022-40181

LAST UPDATE DATE

2024-08-14T13:05:47.425000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-91641date:2022-12-29T00:00:00
db:JVNDBid:JVNDB-2022-018813date:2023-10-23T08:12:00
db:CNNVDid:CNNVD-202210-506date:2023-07-11T00:00:00
db:NVDid:CVE-2022-40181date:2023-07-10T18:37:01.860

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-91641date:2022-12-18T00:00:00
db:JVNDBid:JVNDB-2022-018813date:2023-10-23T00:00:00
db:CNNVDid:CNNVD-202210-506date:2022-10-11T00:00:00
db:NVDid:CVE-2022-40181date:2022-10-11T11:15:10.767