Siemens

It is our 175th birthday today �� It was Werner von Siemens’ pointer telegraph that set the company on a path of suc… https://t.co/OEKf3zVulF
Sat Oct 01 08:00:00 +0000 2022

Happy International Podcast Day! For this special occasion we’d like to celebrate 15 episodes of our… https://t.co/MbH4NurIk6
Fri Sep 30 06:30:00 +0000 2022

From creating more efficient transportation systems to more individualised healthcare and optimising energy systems… https://t.co/tp9Wo3TJnq
Thu Sep 29 15:01:09 +0000 2022

How do we protect our customers from growing cyber threats? Michael Metzler from @SiemensIndustry and his team have… https://t.co/5qd040EZvq
Thu Sep 29 15:00:00 +0000 2022

By the Year

In 2022 there have been 136 vulnerabilities in Siemens with an average score of 7.5 out of ten. Last year Siemens had 295 security vulnerabilities published. Right now, Siemens is on track to have less security vulnerabilities in 2022 than it did last year. However, the average CVE base score of the vulnerabilities in 2022 is greater by 0.34.

Year	Vulnerabilities	Average Score
2022	136	7.51
2021	295	7.17
2020	62	6.85
2019	115	7.70
2018	23	7.25

It may take a day or so for new Siemens vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Siemens Security Vulnerabilities

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39151 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736)

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39152 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39153 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)

Out-of-bounds Read

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39154 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39155 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39148 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39147 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17506)

Access of Uninitialized Pointer

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39146 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17502)

Access of Uninitialized Pointer

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39145 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17496)

Out-of-bounds Read

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39144 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39143 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39142 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39141 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17296)

Out-of-bounds Read

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39140 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39139 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17289)

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39138 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17284)

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39137 7.8 - High - September 13, 2022

Out-of-bounds Read

A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2)

CVE-2022-38466 7.8 - High - September 13, 2022

A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2). The default installation sets insecure file permissions that could allow a local attacker to escalate privileges to local administrator.

Incorrect Default Permissions

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39156 7.8 - High - September 13, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18196)

Out-of-bounds Read

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39150 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262)

CVE-2022-39149 7.8 - High - September 13, 2022

Memory Corruption

A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used)

CVE-2022-34659 7.5 - High - August 10, 2022

A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). Affected applications expose user, host and display name of users, when the public license server is used. This could allow an attacker to retrieve this information.

Information Disclosure

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15)

CVE-2022-34660 9.8 - Critical - August 10, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution.

Command Injection

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15)

CVE-2022-34661 7.5 - High - August 10, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter is vulnerable to denial of service by entering infinite loops and using up CPU cycles. This could allow an attacker to cause denial of service condition.

Infinite Loop

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34287 5.5 - Medium - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-052, FG-VD-22-056)

Buffer Overflow

A vulnerability has been identified in Simcenter Femap (All versions < V2022.2)

CVE-2022-34748 7.8 - High - July 12, 2022

A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17293)

Memory Corruption

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34272 7.8 - High - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-037, FG-VD-22-059)

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34291 5.5 - Medium - July 12, 2022

Buffer Overflow

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34290 5.5 - Medium - July 12, 2022

Buffer Overflow

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34289 7.8 - High - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-054)

Memory Corruption

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34288 5.5 - Medium - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-053)

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34286 7.8 - High - July 12, 2022

Memory Corruption

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34285 5.5 - Medium - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-050)

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34284 7.8 - High - July 12, 2022

Memory Corruption

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34283 5.5 - Medium - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-048)

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34282 5.5 - Medium - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-047)

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34281 7.8 - High - July 12, 2022

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34280 7.8 - High - July 12, 2022

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34279 7.8 - High - July 12, 2022

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34278 7.8 - High - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-043)

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34277 7.8 - High - July 12, 2022

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-042)

Out-of-bounds Read

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34276 7.8 - High - July 12, 2022

Memory Corruption

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34275 7.8 - High - July 12, 2022

Memory Corruption

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34274 7.8 - High - July 12, 2022

Memory Corruption

A vulnerability has been identified in PADS Standard/Plus Viewer (All versions)

CVE-2022-34273 7.8 - High - July 12, 2022

Memory Corruption

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00)

CVE-2021-44222 9.1 - Critical - July 12, 2022

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The underlying MQTT service of affected systems does not perform authentication in the default configuration. This could allow an unauthenticated remote attacker to send arbitrary messages to the service and thereby issue arbitrary requests in the affected system.

Missing Authentication for Critical Function

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions)

CVE-2022-34464 5.5 - Medium - July 12, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.3). Affected software uses an improperly protected file to import SSH keys. Attackers with access to the filesystem of the host on which SICAM GridEdge runs, are able to inject a custom SSH key to that file.

Exposure of Resource to Wrong Sphere

A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624)

CVE-2022-33736 7.5 - High - July 12, 2022

A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials.

authentification

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264)

CVE-2022-34465 7.8 - High - July 12, 2022

A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)

Out-of-bounds Read

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00)

CVE-2021-44221 7.5 - High - July 12, 2022

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The affected systems do not properly validate input that is sent to the underlying message passing framework. This could allow an remote attacker to trigger a denial of service of the affected system.

Improper Input Validation

A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration)

CVE-2022-33139 9.8 - Critical - June 21, 2022

A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.

authentification

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32253 7.5 - High - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker.

Improper Input Validation

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32251 9.8 - Critical - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user.

Missing Authentication for Critical Function

A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9)

CVE-2022-32145 6.1 - Medium - June 14, 2022

A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link.

XSS

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6)

CVE-2022-30231 4.3 - Medium - June 14, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software discloses password hashes of other users upon request. This could allow an authenticated user to retrieve another users password hash.

Insufficiently Protected Credentials

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6)

CVE-2022-30230 9.8 - Critical - June 14, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions.

Missing Authentication for Critical Function

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-27221 5.9 - Medium - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack.

Insufficient Entropy

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32262 9.8 - Critical - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker could use this to achieve arbitrary code execution.

Command Injection

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32259 6.5 - Medium - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration.

AuthZ

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32258 7.5 - High - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older feature that allows to import device configurations via a specific endpoint. An attacker could use this vulnerability for information disclosure.

A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11)

CVE-2022-31465 7.8 - High - June 14, 2022

A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11). The affected application assigns improper access rights to the service executable. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

Incorrect Permission Assignment for Critical Resource

A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS)

CVE-2022-26476 8.8 - High - June 14, 2022

A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges.

Use of Hard-coded Credentials

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32261 7.5 - High - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application.

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32260 9.8 - Critical - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32256 6.5 - Medium - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to low privileged users accessing privileged information.

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32255 5.3 - Medium - June 14, 2022

AuthZ

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32254 7.5 - High - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.

Insertion of Sensitive Information into Log File

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-32252 7.8 - High - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package, granting root privileges to an attacker.

Insufficient Verification of Data Authenticity

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13)

CVE-2022-31619 8.8 - High - June 14, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). Java EE Server Manager HTML Adaptor in Teamcenter consists of default hardcoded credentials. Access to the application allows a user to perform a series of actions that could potentially lead to remote code execution with elevated permissions.

Use of Hard-coded Credentials

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6)

CVE-2022-30229 5.3 - Medium - June 14, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of an user, such as credentials, in case that user's id is known.

authentification

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1)

CVE-2022-29034 6.1 - Medium - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow attackers to perform reflected cross-site scripting (XSS) attacks.

XSS

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6)

CVE-2022-30228 6.5 - Medium - June 14, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could be executed.

Origin Validation Error

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2)

CVE-2022-27220 4.3 - Medium - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors.

Clickjacking

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2)

CVE-2022-27219 4.3 - Medium - June 14, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors.

Clickjacking

A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), SOMATOM X.cite (All versions < VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions < VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions < VB22A-UD03), Symbia Evo (All VB22 versions < VB22A-UD03), Symbia Intevo (All VB22 versions < VB22A-UD03), Symbia T (All VB22 versions < VB22A-UD03), Symbia.net (All VB22 versions < VB22A-UD03), syngo.

CVE-2022-29875 9.8 - Critical - June 01, 2022

A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), SOMATOM X.cite (All versions < VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions < VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions < VB22A-UD03), Symbia Evo (All VB22 versions < VB22A-UD03), Symbia Intevo (All VB22 versions < VB22A-UD03), Symbia T (All VB22 versions < VB22A-UD03), Symbia.net (All VB22 versions < VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions < VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions < VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable.

Marshaling, Unmarshaling

A vulnerability has been identified in Simcenter Femap (All versions < V2022.2)

CVE-2022-27653 7.8 - High - May 20, 2022

A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15594)

Memory Corruption

A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions)

CVE-2022-24287 7.8 - High - May 20, 2022

A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). An authenticated attacker could escape the WinCC Kiosk Mode by opening the printer dialog in the affected application in case no printer is installed.

Insecure Default Initialization of Resource

A vulnerability has been identified in OpenV2G (V0.9.4)

CVE-2022-27242 5.5 - Medium - May 20, 2022

A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.

Classic Buffer Overflow

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3)

CVE-2022-29029 5.5 - Medium - May 20, 2022

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

NULL Pointer Dereference

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3)

CVE-2022-29030 5.5 - Medium - May 20, 2022

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Integer Overflow or Wraparound

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3)

CVE-2022-29031 5.5 - Medium - May 20, 2022

NULL Pointer Dereference

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3)

CVE-2022-29032 7.8 - High - May 20, 2022

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Double-free

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3)

CVE-2022-29033 7.8 - High - May 20, 2022

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process.

Access of Uninitialized Pointer

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9)

CVE-2022-29801 7.5 - High - May 20, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.

XXE

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13)

CVE-2022-24290 7.5 - High - May 20, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions), Teamcenter V13.2 (All versions < V13.2.0.8), Teamcenter V13.3 (All versions < V13.3.0.3), Teamcenter V14.0 (All versions < V14.0.0.2). The tcserver.exe binary in affected applications is vulnerable to a stack overflow condition during the parsing of user input that may lead the binary to crash.

Stack Overflow

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3)

CVE-2022-29028 5.5 - Medium - May 20, 2022

A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Infinite Loop

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1)

CVE-2022-23449 7.3 - High - April 12, 2022

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path.

DLL preloading

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1)

CVE-2022-23448 7.8 - High - April 12, 2022

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local unprivileged attacker to achieve code execution with ADMINISTRATOR or even NT AUTHORITY/SYSTEM privileges.

Incorrect Permission Assignment for Critical Resource

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1)

CVE-2022-23450 9.8 - Critical - April 12, 2022

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the affected software, an unauthenticated attacker could exploit this vulnerability by sending a maliciously crafted serialized object. This could allow the attacker to execute arbitrary code on the device with SYSTEM privileges.

Marshaling, Unmarshaling

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2)

CVE-2022-28663 7.8 - High - April 12, 2022

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15592)

Memory Corruption

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2)

CVE-2022-28662 6.5 - Medium - April 12, 2022

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15307)

Memory Corruption

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2)

CVE-2022-28661 8.8 - High - April 12, 2022

A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15114)

Out-of-bounds Read

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1)

CVE-2022-27194 7.5 - High - April 12, 2022

A vulnerability has been identified in SIMATIC PCS neo (Administration Console) (All versions < V3.1 SP1), SINETPLAN (All versions), TIA Portal (V15, V15.1, V16 and V17). The affected system cannot properly process specially crafted packets sent to port 8888/tcp. A remote attacker could exploit this vulnerability to cause a Denial-of-Service condition. The affected devices must be restarted manually.

Resource Exhaustion

A vulnerability has been identified in SIMATIC CFU DIQ (All versions)

CVE-2022-25622 7.5 - High - April 12, 2022

A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions < V8.2.3), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.

Resource Exhaustion

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding

CVE-2022-22965 9.8 - Critical - April 01, 2022

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

Code Injection

The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases

CVE-2021-45117 6.5 - Medium - March 21, 2022

The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.

NULL Pointer Dereference

A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2022.1)

CVE-2022-24661 7.8 - High - March 08, 2022

A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2022.1). The starview+.exe contains a memory corruption vulnerability while parsing specially crafted .SCE files. This could allow an attacker to execute code in the context of the current process.

Memory Corruption

A vulnerability has been identified in SINEC NMS (All versions)

CVE-2022-25311 7.2 - High - March 08, 2022

A vulnerability has been identified in SINEC NMS (All versions). The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This could allow an authenticated low privileged user to achieve privilege escalation.

Improper Privilege Management

A vulnerability has been identified in SINEC NMS (All versions)

CVE-2022-24282 7.2 - High - March 08, 2022

A vulnerability has been identified in SINEC NMS (All versions). The affected system allows to upload JSON objects that are deserialized to Java objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a maliciously crafted serialized Java object. This could allow the attacker to execute arbitrary code on the device with root privileges.

Marshaling, Unmarshaling

A vulnerability has been identified in Polarion ALM (All versions < V21 R2 P2), Polarion WebClient for SVN (All versions)

CVE-2021-44478 6.1 - Medium - March 08, 2022

A vulnerability has been identified in Polarion ALM (All versions < V21 R2 P2), Polarion WebClient for SVN (All versions). A cross-site scripting is present due to improper neutralization of data sent to the web page through the SVN WebClient in the affected product. An attacker could exploit this to execute arbitrary code and extract sensitive information by sending a specially crafted link to users with administrator privileges.

XSS