Details of VAR-202210-0384

ID

VAR-202210-0384

CVE

CVE-2022-40178

TITLE

Cross-site scripting vulnerability in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018816

DESCRIPTION

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). Improper Neutralization of Input During Web Page Generation exists in the “Import Files“ functionality of the “Operation” web application, due to the missing validation of the titles of files included in the input package. By uploading a specifically crafted graphics package, a remote low-privileged attacker can execute arbitrary JavaScript code. desigo pxm30-1 firmware, desigo pxm30.e firmware, desigo pxm40-1 Multiple Siemens products such as firmware contain a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. Siemens Desigo PX is a set of building automation control system of Germany's Siemens (Siemens)

Trust: 2.16

sources: NVD: CVE-2022-40178 // JVNDB: JVNDB-2022-018816 // CNVD: CNVD-2022-91616

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-91616

AFFECTED PRODUCTS

vendor:	siemens	model:	desigo pxm40.e	scope:	lt	version:	02.20.126.11-41	Trust: 1.0
vendor:	siemens	model:	pxg3.w100-1	scope:	lt	version:	02.20.126.11-37	Trust: 1.0
vendor:	siemens	model:	desigo pxm30.e	scope:	lt	version:	02.20.126.11-41	Trust: 1.0
vendor:	siemens	model:	pxg3.w200-1	scope:	lt	version:	02.20.126.11-37	Trust: 1.0
vendor:	siemens	model:	desigo pxm50.e	scope:	lt	version:	02.20.126.11-41	Trust: 1.0
vendor:	siemens	model:	pxg3.w200-2	scope:	lt	version:	02.20.126.11-41	Trust: 1.0
vendor:	siemens	model:	desigo pxm40-1	scope:	lt	version:	02.20.126.11-41	Trust: 1.0
vendor:	siemens	model:	desigo pxm50-1	scope:	lt	version:	02.20.126.11-41	Trust: 1.0
vendor:	siemens	model:	pxg3.w100-2	scope:	lt	version:	02.20.126.11-41	Trust: 1.0
vendor:	siemens	model:	desigo pxm30-1	scope:	lt	version:	02.20.126.11-41	Trust: 1.0
vendor:	シーメンス	model:	pxg3.w100-2	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxm30-1	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	pxg3.w100-1	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxm50-1	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxm50.e	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxm30.e	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxm40-1	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxm40.e	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	pxg3.w200-1	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	pxg3.w200-2	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	desigo pxm30-1	scope:	lt	version:	v02.20.126.11-41	Trust: 0.6
vendor:	siemens	model:	desigo pxm30.e	scope:	lt	version:	v02.20.126.11-41	Trust: 0.6
vendor:	siemens	model:	desigo pxm40-1	scope:	lt	version:	v02.20.126.11-41	Trust: 0.6
vendor:	siemens	model:	desigo pxm40.e	scope:	lt	version:	v02.20.126.11-41	Trust: 0.6
vendor:	siemens	model:	desigo pxm50-1	scope:	lt	version:	v02.20.126.11-41	Trust: 0.6
vendor:	siemens	model:	desigo pxm50.e	scope:	lt	version:	v02.20.126.11-41	Trust: 0.6
vendor:	siemens	model:	pxg3.w100-1	scope:	eq	version:	v02.20.126.11-37	Trust: 0.6
vendor:	siemens	model:	pxg3.w100-2	scope:	lt	version:	v02.20.126.11-41	Trust: 0.6
vendor:	siemens	model:	pxg3.w200-1	scope:	eq	version:	v02.20.126.11-37	Trust: 0.6
vendor:	siemens	model:	pxg3.w200-2	scope:	lt	version:	v02.20.126.11-41	Trust: 0.6

sources: CNVD: CNVD-2022-91616 // JVNDB: JVNDB-2022-018816 // NVD: CVE-2022-40178

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-40178
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-40178
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2022-91616
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202210-511
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2022-91616
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2022-40178
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.3
impactScore:	2.7
version:	3.1
Trust: 1.0
NVD:	CVE-2022-40178
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-91616 // JVNDB: JVNDB-2022-018816 // CNNVD: CNNVD-202210-511 // NVD: CVE-2022-40178

PROBLEMTYPE DATA

problemtype:	CWE-79	Trust: 1.0
problemtype:	Cross-site scripting (CWE-79) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-018816 // NVD: CVE-2022-40178

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-511

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-202210-511

PATCH

title:	Patch for Cross-site scripting vulnerability in the Import Files function of various Siemens products	url:	https://www.cnvd.org.cn/patchInfo/show/384466	Trust: 0.6
title:	Multiple Siemens Fixes for product cross-site scripting vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=210592	Trust: 0.6

sources: CNVD: CNVD-2022-91616 // CNNVD: CNNVD-202210-511

EXTERNAL IDS

db:	NVD	id:	CVE-2022-40178	Trust: 3.8
db:	SIEMENS	id:	SSA-360783	Trust: 3.0
db:	ICS CERT	id:	ICSA-22-286-06	Trust: 1.4
db:	JVN	id:	JVNVU92214181	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-018816	Trust: 0.8
db:	CNVD	id:	CNVD-2022-91616	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5098	Trust: 0.6
db:	CNNVD	id:	CNNVD-202210-511	Trust: 0.6

sources: CNVD: CNVD-2022-91616 // JVNDB: JVNDB-2022-018816 // CNNVD: CNNVD-202210-511 // NVD: CVE-2022-40178

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf	Trust: 3.0
url:	https://jvn.jp/vu/jvnvu92214181/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-40178	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-06	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2022.5098	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-40178/	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-286-06	Trust: 0.6

sources: CNVD: CNVD-2022-91616 // JVNDB: JVNDB-2022-018816 // CNNVD: CNNVD-202210-511 // NVD: CVE-2022-40178

CREDITS

Siemens reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202210-511

SOURCES

db:	CNVD	id:	CNVD-2022-91616
db:	JVNDB	id:	JVNDB-2022-018816
db:	CNNVD	id:	CNNVD-202210-511
db:	NVD	id:	CVE-2022-40178

LAST UPDATE DATE

2024-08-14T12:26:40.361000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-91616	date:	2022-12-29T00:00:00
db:	JVNDB	id:	JVNDB-2022-018816	date:	2023-10-23T08:12:00
db:	CNNVD	id:	CNNVD-202210-511	date:	2022-10-17T00:00:00
db:	NVD	id:	CVE-2022-40178	date:	2022-10-12T17:17:35.097

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-91616	date:	2022-12-18T00:00:00
db:	JVNDB	id:	JVNDB-2022-018816	date:	2023-10-23T00:00:00
db:	CNNVD	id:	CNNVD-202210-511	date:	2022-10-11T00:00:00
db:	NVD	id:	CVE-2022-40178	date:	2022-10-11T11:15:10.590