Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveSiemensCVE-2022-24039
HistoryMay 10, 2022 - 11:15 a.m.

CVE-2022-24039

2022-05-1011:15:08
CWE-75
siemens
web.nvd.nist.gov
65
5
cve-2022-24039
desigo pxc4
desigo pxc5
xml injection
rce
security vulnerability
information security

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS3

9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

9

Confidence

High

EPSS

0.001

Percentile

39.5%

JSON

A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such that it is possible to inject arbitrary content (e.g., XML tags) into the generated file. An attacker with restricted privileges, by poisoning any of the content used to generate XLS reports, could be able to leverage the application to deliver malicious files against higher-privileged users and obtain Remote Code Execution (RCE) against the administrator’s workstation.

Affected configurations

Nvd
Node
siemensdesigo_pxc5_firmwareRange<02.20.142.10-10884
AND
siemensdesigo_pxc5Match-
Node
siemensdesigo_pxc4_firmwareRange<02.20.142.10-10884
AND
siemensdesigo_pxc4Match-
VendorProductVersionCPE
siemensdesigo_pxc5_firmware*cpe:2.3:o:siemens:desigo_pxc5_firmware:*:*:*:*:*:*:*:*
siemensdesigo_pxc5-cpe:2.3:h:siemens:desigo_pxc5:-:*:*:*:*:*:*:*
siemensdesigo_pxc4_firmware*cpe:2.3:o:siemens:desigo_pxc4_firmware:*:*:*:*:*:*:*:*
siemensdesigo_pxc4-cpe:2.3:h:siemens:desigo_pxc4:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Desigo PXC4",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V02.20.142.10-10884"
      }
    ]
  },
  {
    "product": "Desigo PXC5",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V02.20.142.10-10884"
      }
    ]
  }
]

Social References

More

Related

prion 1
cvelist 1
nessus 1
nvd 1
ics 1
prion
prion
Remote code execution
2022-05-10 11:15:00
cvelist
cvelist
CVE-2022-24039
2022-05-10 09:46:46
nessus
nessus
Siemens Desigo PXC and DXR Devices Failure to Sanitize Special Elements Into a Different Plane (CVE-2022-24039)
2023-01-25 00:00:00
nvd
nvd
CVE-2022-24039
2022-05-10 11:15:08
ics
ics
Siemens Desigo PXC and DXR Devices (Update A)
2022-06-16 12:00:00

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS3

9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

9

Confidence

High

EPSS

0.001

Percentile

39.5%

JSON
Related for CVE-2022-24039
prion1cvelist1nessus1nvd1ics1