Lucene search

[email protected]NVD:CVE-2022-40177

HistoryOct 11, 2022 - 11:15 a.m.

CVE-2022-40177

2022-10-1111:15:10

CWE-200

[email protected]

web.nvd.nist.gov

desigo devices

vulnerability

remote attackers

file read access

root privileges

sensitive files

CVSS3

5.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

42.1%

JSON

A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). Endpoints of the “Operation” web application that interpret and execute Axon language queries allow file read access to the device file system with root privileges. By supplying specific I/O related Axon queries, a remote low-privileged attacker can read sensitive files on the device.

Affected configurations

Nvd

Node

siemensdesigo_pxm30-1_firmwareRange<02.20.126.11-41

AND

siemensdesigo_pxm30-1Match-

Node

siemensdesigo_pxm30.e_firmwareRange<02.20.126.11-41

AND

siemensdesigo_pxm30.eMatch-

Node

siemensdesigo_pxm40-1_firmwareRange<02.20.126.11-41

AND

siemensdesigo_pxm40-1Match-

Node

siemensdesigo_pxm40.e_firmwareRange<02.20.126.11-41

AND

siemensdesigo_pxm40.eMatch-

Node

siemensdesigo_pxm50-1_firmwareRange<02.20.126.11-41

AND

siemensdesigo_pxm50-1Match-

Node

siemensdesigo_pxm50.e_firmwareRange<02.20.126.11-41

AND

siemensdesigo_pxm50.eMatch-

Node

siemenspxg3.w100-1_firmwareRange<02.20.126.11-37

AND

siemenspxg3.w100-1Match-

Node

siemenspxg3.w100-2_firmwareRange<02.20.126.11-41

AND

siemenspxg3.w100-2Match-

Node

siemenspxg3.w200-1_firmwareRange<02.20.126.11-37

AND

siemenspxg3.w200-1Match-

Node

siemenspxg3.w200-2_firmwareRange<02.20.126.11-41

AND

siemenspxg3.w200-2Match-

VendorProductVersionCPE
siemensdesigo_pxm30-1_firmware*cpe:2.3:o:siemens:desigo_pxm30-1_firmware:*:*:*:*:*:*:*:*
siemensdesigo_pxm30-1-cpe:2.3:h:siemens:desigo_pxm30-1:-:*:*:*:*:*:*:*
siemensdesigo_pxm30.e_firmware*cpe:2.3:o:siemens:desigo_pxm30.e_firmware:*:*:*:*:*:*:*:*
siemensdesigo_pxm30.e-cpe:2.3:h:siemens:desigo_pxm30.e:-:*:*:*:*:*:*:*
siemensdesigo_pxm40-1_firmware*cpe:2.3:o:siemens:desigo_pxm40-1_firmware:*:*:*:*:*:*:*:*
siemensdesigo_pxm40-1-cpe:2.3:h:siemens:desigo_pxm40-1:-:*:*:*:*:*:*:*
siemensdesigo_pxm40.e_firmware*cpe:2.3:o:siemens:desigo_pxm40.e_firmware:*:*:*:*:*:*:*:*
siemensdesigo_pxm40.e-cpe:2.3:h:siemens:desigo_pxm40.e:-:*:*:*:*:*:*:*
siemensdesigo_pxm50-1_firmware*cpe:2.3:o:siemens:desigo_pxm50-1_firmware:*:*:*:*:*:*:*:*
siemensdesigo_pxm50-1-cpe:2.3:h:siemens:desigo_pxm50-1:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	desigo_pxm30-1_firmware	*	cpe:2.3:o:siemens:desigo_pxm30-1_firmware::::::::
siemens	desigo_pxm30-1	-	cpe:2.3:h:siemens:desigo_pxm30-1:-:::::::*
siemens	desigo_pxm30.e_firmware	*	cpe:2.3:o:siemens:desigo_pxm30.e_firmware::::::::
siemens	desigo_pxm30.e	-	cpe:2.3:h:siemens:desigo_pxm30.e:-:::::::*
siemens	desigo_pxm40-1_firmware	*	cpe:2.3:o:siemens:desigo_pxm40-1_firmware::::::::
siemens	desigo_pxm40-1	-	cpe:2.3:h:siemens:desigo_pxm40-1:-:::::::*
siemens	desigo_pxm40.e_firmware	*	cpe:2.3:o:siemens:desigo_pxm40.e_firmware::::::::
siemens	desigo_pxm40.e	-	cpe:2.3:h:siemens:desigo_pxm40.e:-:::::::*
siemens	desigo_pxm50-1_firmware	*	cpe:2.3:o:siemens:desigo_pxm50-1_firmware::::::::
siemens	desigo_pxm50-1	-	cpe:2.3:h:siemens:desigo_pxm50-1:-:::::::*