Vulnerabilites related to siemens - pxg3.w200-2
CVE-2022-40178 (GCVE-0-2022-40178)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). Improper Neutralization of Input During Web Page Generation exists in the “Import Files“ functionality of the “Operation” web application, due to the missing validation of the titles of files included in the input package. By uploading a specifically crafted graphics package, a remote low-privileged attacker can execute arbitrary JavaScript code.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | Desigo PXM30-1 |
Version: All versions < V02.20.126.11-41 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Desigo PXM30-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM30.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W100-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W100-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W200-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W200-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). Improper Neutralization of Input During Web Page Generation exists in the \u201cImport Files\u201c functionality of the \u201cOperation\u201d web application, due to the missing validation of the titles of files included in the input package. By uploading a specifically crafted graphics package, a remote low-privileged attacker can execute arbitrary JavaScript code."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40178",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:39.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40179 (GCVE-0-2022-40179)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). A Cross-Site Request Forgery exists in endpoints of the “Operation” web application that interpret and execute Axon language queries, due to the missing validation of anti-CSRF tokens or other origin checks. By convincing a victim to click on a malicious link or visit a specifically crafted webpage while logged-in to the device web application, a remote unauthenticated attacker can execute arbitrary Axon queries against the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | Desigo PXM30-1 |
Version: All versions < V02.20.126.11-41 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Desigo PXM30-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM30.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W100-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W100-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W200-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W200-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). A Cross-Site Request Forgery exists in endpoints of the \u201cOperation\u201d web application that interpret and execute Axon language queries, due to the missing validation of anti-CSRF tokens or other origin checks. By convincing a victim to click on a malicious link or visit a specifically crafted webpage while logged-in to the device web application, a remote unauthenticated attacker can execute arbitrary Axon queries against the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40179",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:39.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40176 (GCVE-0-2022-40176)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). There exists an Improper Neutralization of Special Elements used in an OS Command with root privileges during a restore operation due to the missing validation of the names of files included in the input package. By restoring a specifically crafted package, a remote low-privileged attacker can execute arbitrary system commands with root privileges on the device, leading to a full compromise.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | Desigo PXM30-1 |
Version: All versions < V02.20.126.11-41 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Desigo PXM30-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM30.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W100-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W100-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W200-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W200-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). There exists an Improper Neutralization of Special Elements used in an OS Command with root privileges during a restore operation due to the missing validation of the names of files included in the input package. By restoring a specifically crafted package, a remote low-privileged attacker can execute arbitrary system commands with root privileges on the device, leading to a full compromise."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40176",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:39.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40177 (GCVE-0-2022-40177)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). Endpoints of the “Operation” web application that interpret and execute Axon language queries allow file read access to the device file system with root privileges. By supplying specific I/O related Axon queries, a remote low-privileged attacker can read sensitive files on the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | Desigo PXM30-1 |
Version: All versions < V02.20.126.11-41 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Desigo PXM30-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM30.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W100-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W100-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W200-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W200-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). Endpoints of the \u201cOperation\u201d web application that interpret and execute Axon language queries allow file read access to the device file system with root privileges. By supplying specific I/O related Axon queries, a remote low-privileged attacker can read sensitive files on the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40177",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:39.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40180 (GCVE-0-2022-40180)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). A Cross-Site Request Forgery exists in the “Import Files“ functionality of the “Operation” web application due to the missing validation of anti-CSRF tokens or other origin checks. A remote unauthenticated attacker can upload and enable permanent arbitrary JavaScript code into the device just by convincing a victim to visit a specifically crafted webpage while logged-in to the device web application.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | Desigo PXM30-1 |
Version: All versions < V02.20.126.11-41 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Desigo PXM30-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM30.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W100-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W100-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W200-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W200-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). A Cross-Site Request Forgery exists in the \u201cImport Files\u201c functionality of the \u201cOperation\u201d web application due to the missing validation of anti-CSRF tokens or other origin checks. A remote unauthenticated attacker can upload and enable permanent arbitrary JavaScript code into the device just by convincing a victim to visit a specifically crafted webpage while logged-in to the device web application."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40180",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:39.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40181 (GCVE-0-2022-40181)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-84 - Improper Neutralization of Encoded URI Schemes in a Web Page
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). The device embedded browser does not prevent interaction with alternative URI schemes when redirected to corresponding resources by web application code. By setting the homepage URI, the favorite URIs, or redirecting embedded browser users via JavaScript code to alternative scheme resources, a remote low privileged attacker can perform a range of attacks against the device, such as read arbitrary files on the filesystem, execute arbitrary JavaScript code in order to steal or manipulate the information on the screen, or trigger denial of service conditions.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | Desigo PXM30-1 |
Version: All versions < V02.20.126.11-41 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Desigo PXM30-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM30.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W100-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W100-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W200-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W200-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). The device embedded browser does not prevent interaction with alternative URI schemes when redirected to corresponding resources by web application code. By setting the homepage URI, the favorite URIs, or redirecting embedded browser users via JavaScript code to alternative scheme resources, a remote low privileged attacker can perform a range of attacks against the device, such as read arbitrary files on the filesystem, execute arbitrary JavaScript code in order to steal or manipulate the information on the screen, or trigger denial of service conditions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-84",
"description": "CWE-84: Improper Neutralization of Encoded URI Schemes in a Web Page",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40181",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:39.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40182 (GCVE-0-2022-40182)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 12:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-250 - Execution with Unnecessary Privileges
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). The device embedded Chromium-based browser is launched as root with the “--no-sandbox” option. Attackers can add arbitrary JavaScript code inside “Operation” graphics and successfully exploit any number of publicly known vulnerabilities against the version of the embedded Chromium-based browser.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Siemens | Desigo PXM30-1 |
Version: All versions < V02.20.126.11-41 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:40.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Desigo PXM30-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM30.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM40.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "Desigo PXM50.E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W100-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W100-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
},
{
"product": "PXG3.W200-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-37"
}
]
},
{
"product": "PXG3.W200-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V02.20.126.11-41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). The device embedded Chromium-based browser is launched as root with the \u201c--no-sandbox\u201d option. Attackers can add arbitrary JavaScript code inside \u201cOperation\u201d graphics and successfully exploit any number of publicly known vulnerabilities against the version of the embedded Chromium-based browser."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-40182",
"datePublished": "2022-10-11T00:00:00",
"dateReserved": "2022-09-08T00:00:00",
"dateUpdated": "2024-08-03T12:14:40.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2024-11-21 07:21
Severity ?
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). A Cross-Site Request Forgery exists in endpoints of the “Operation” web application that interpret and execute Axon language queries, due to the missing validation of anti-CSRF tokens or other origin checks. By convincing a victim to click on a malicious link or visit a specifically crafted webpage while logged-in to the device web application, a remote unauthenticated attacker can execute arbitrary Axon queries against the device.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA01FD1D-3B4F-44CB-85D5-D88190B264A3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "837673FE-DBBB-496A-8A6F-0C53BC5F2EAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "863709BC-3A74-49E5-80F3-7E0227BD3403",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A4FA01-FD7F-451F-8BEB-2BF01A2DF9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B63901A-F3B7-4232-973F-7E162608FEA0",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0AA432-2A2C-4A03-86C5-560592562653",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87180ACC-C1ED-4F20-9460-1AFD53D28CA2",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0517B82-90A9-4A0F-8B57-70F2A679DC95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E14C8DD3-9FA4-497F-9F9F-235C8D2DEFA5",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBE6D5C-A3AF-4191-A283-805B834D9475",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663CD9F1-2455-4B73-9081-4FA3A1FD46D3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB9D5A-2654-4DE5-91CF-59DB43776FBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C23DFD-0362-4554-9761-3D684796C0DC",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9805AE4-F07B-45F6-A1DD-53544E8AE681",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01049ABF-EAD0-4B8D-B54C-3424B435635A",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4924B858-7BB5-464F-B6E5-133B987FF122",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB1F863-2762-4839-A601-248BC0F8B6D5",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCA20E3-2425-4004-801F-46898ACDA2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0903929A-B47C-4E75-A6B6-1DB4B118F64C",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE1458-8F82-4F6D-987D-4F22AF5E8056",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). A Cross-Site Request Forgery exists in endpoints of the \u201cOperation\u201d web application that interpret and execute Axon language queries, due to the missing validation of anti-CSRF tokens or other origin checks. By convincing a victim to click on a malicious link or visit a specifically crafted webpage while logged-in to the device web application, a remote unauthenticated attacker can execute arbitrary Axon queries against the device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Desigo PXM30-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM30.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM50-1 (Todas las versiones anteriores a V02. 20.126.11-41), Desigo PXM50.E (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W100-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W100-2 (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W200-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W200-2 (Todas las versiones anteriores a V02.20.126.11-41). Se presenta una vulnerabilidad de tipo Cross-Site Request Forgery en los endpoints de la aplicaci\u00f3n web \"Operation\" que interpretan y ejecutan consultas en lenguaje Axon, debido a que no han sido comprobados los tokens anti-CSRF u otras comprobaciones de origen. Al convencer a una v\u00edctima de hacer clic en un enlace malicioso o visitar una p\u00e1gina web espec\u00edficamente dise\u00f1ada mientras est\u00e1 conectado a la aplicaci\u00f3n web del dispositivo, un atacante remoto no autenticado puede ejecutar consultas arbitrarias de Axon contra el dispositivo"
}
],
"id": "CVE-2022-40179",
"lastModified": "2024-11-21T07:21:00.417",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-11T11:15:10.647",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2024-11-21 07:20
Severity ?
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). There exists an Improper Neutralization of Special Elements used in an OS Command with root privileges during a restore operation due to the missing validation of the names of files included in the input package. By restoring a specifically crafted package, a remote low-privileged attacker can execute arbitrary system commands with root privileges on the device, leading to a full compromise.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA01FD1D-3B4F-44CB-85D5-D88190B264A3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "837673FE-DBBB-496A-8A6F-0C53BC5F2EAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "863709BC-3A74-49E5-80F3-7E0227BD3403",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A4FA01-FD7F-451F-8BEB-2BF01A2DF9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B63901A-F3B7-4232-973F-7E162608FEA0",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0AA432-2A2C-4A03-86C5-560592562653",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87180ACC-C1ED-4F20-9460-1AFD53D28CA2",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0517B82-90A9-4A0F-8B57-70F2A679DC95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E14C8DD3-9FA4-497F-9F9F-235C8D2DEFA5",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBE6D5C-A3AF-4191-A283-805B834D9475",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663CD9F1-2455-4B73-9081-4FA3A1FD46D3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB9D5A-2654-4DE5-91CF-59DB43776FBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C23DFD-0362-4554-9761-3D684796C0DC",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9805AE4-F07B-45F6-A1DD-53544E8AE681",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01049ABF-EAD0-4B8D-B54C-3424B435635A",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4924B858-7BB5-464F-B6E5-133B987FF122",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB1F863-2762-4839-A601-248BC0F8B6D5",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCA20E3-2425-4004-801F-46898ACDA2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0903929A-B47C-4E75-A6B6-1DB4B118F64C",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE1458-8F82-4F6D-987D-4F22AF5E8056",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). There exists an Improper Neutralization of Special Elements used in an OS Command with root privileges during a restore operation due to the missing validation of the names of files included in the input package. By restoring a specifically crafted package, a remote low-privileged attacker can execute arbitrary system commands with root privileges on the device, leading to a full compromise."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Desigo PXM30-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM30.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM50-1 (Todas las versiones anteriores a V02. 20.126.11-41), Desigo PXM50.E (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W100-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W100-2 (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W200-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W200-2 (Todas las versiones anteriores a V02.20.126.11-41). Se presenta una Neutralizaci\u00f3n Inapropiada de los Elementos Especiales usados en un Comando del Sistema Operativo privilegiado de root durante una operaci\u00f3n de restauraci\u00f3n, debido a una falta de comprobaci\u00f3n de los nombres de los archivos incluidos en el paquete de entrada. Al restaurar un paquete espec\u00edficamente dise\u00f1ado, un atacante remoto poco privilegiado puede ejecutar comandos arbitrarios del sistema privilegiado de root en el dispositivo, conllevando a un compromiso total"
}
],
"id": "CVE-2022-40176",
"lastModified": "2024-11-21T07:20:59.983",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-11T11:15:10.473",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2024-11-21 07:21
Severity ?
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). Improper Neutralization of Input During Web Page Generation exists in the “Import Files“ functionality of the “Operation” web application, due to the missing validation of the titles of files included in the input package. By uploading a specifically crafted graphics package, a remote low-privileged attacker can execute arbitrary JavaScript code.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA01FD1D-3B4F-44CB-85D5-D88190B264A3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "837673FE-DBBB-496A-8A6F-0C53BC5F2EAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "863709BC-3A74-49E5-80F3-7E0227BD3403",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A4FA01-FD7F-451F-8BEB-2BF01A2DF9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B63901A-F3B7-4232-973F-7E162608FEA0",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0AA432-2A2C-4A03-86C5-560592562653",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87180ACC-C1ED-4F20-9460-1AFD53D28CA2",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0517B82-90A9-4A0F-8B57-70F2A679DC95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E14C8DD3-9FA4-497F-9F9F-235C8D2DEFA5",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBE6D5C-A3AF-4191-A283-805B834D9475",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663CD9F1-2455-4B73-9081-4FA3A1FD46D3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB9D5A-2654-4DE5-91CF-59DB43776FBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C23DFD-0362-4554-9761-3D684796C0DC",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9805AE4-F07B-45F6-A1DD-53544E8AE681",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01049ABF-EAD0-4B8D-B54C-3424B435635A",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4924B858-7BB5-464F-B6E5-133B987FF122",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB1F863-2762-4839-A601-248BC0F8B6D5",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCA20E3-2425-4004-801F-46898ACDA2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0903929A-B47C-4E75-A6B6-1DB4B118F64C",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE1458-8F82-4F6D-987D-4F22AF5E8056",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). Improper Neutralization of Input During Web Page Generation exists in the \u201cImport Files\u201c functionality of the \u201cOperation\u201d web application, due to the missing validation of the titles of files included in the input package. By uploading a specifically crafted graphics package, a remote low-privileged attacker can execute arbitrary JavaScript code."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Desigo PXM30-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM30.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM50-1 (Todas las versiones anteriores a V02. 20.126.11-41), Desigo PXM50.E (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W100-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W100-2 (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W200-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W200-2 (Todas las versiones anteriores a V02.20.126.11-41). Se presenta una Neutralizaci\u00f3n Inapropiada de la entrada Durante la Generaci\u00f3n de la P\u00e1gina Web en la funcionalidad \"Import Files\" de la aplicaci\u00f3n web \"Operation\", debido a una falta de comprobaci\u00f3n de los t\u00edtulos de los archivos incluidos en el paquete de entrada. Al descargar un paquete gr\u00e1fico espec\u00edficamente dise\u00f1ado, un atacante remoto poco privilegiado puede ejecutar c\u00f3digo JavaScript arbitrario"
}
],
"id": "CVE-2022-40178",
"lastModified": "2024-11-21T07:21:00.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-11T11:15:10.590",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2024-11-21 07:21
Severity ?
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). A Cross-Site Request Forgery exists in the “Import Files“ functionality of the “Operation” web application due to the missing validation of anti-CSRF tokens or other origin checks. A remote unauthenticated attacker can upload and enable permanent arbitrary JavaScript code into the device just by convincing a victim to visit a specifically crafted webpage while logged-in to the device web application.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA01FD1D-3B4F-44CB-85D5-D88190B264A3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "837673FE-DBBB-496A-8A6F-0C53BC5F2EAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "863709BC-3A74-49E5-80F3-7E0227BD3403",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A4FA01-FD7F-451F-8BEB-2BF01A2DF9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B63901A-F3B7-4232-973F-7E162608FEA0",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0AA432-2A2C-4A03-86C5-560592562653",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87180ACC-C1ED-4F20-9460-1AFD53D28CA2",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0517B82-90A9-4A0F-8B57-70F2A679DC95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E14C8DD3-9FA4-497F-9F9F-235C8D2DEFA5",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBE6D5C-A3AF-4191-A283-805B834D9475",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663CD9F1-2455-4B73-9081-4FA3A1FD46D3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB9D5A-2654-4DE5-91CF-59DB43776FBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C23DFD-0362-4554-9761-3D684796C0DC",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9805AE4-F07B-45F6-A1DD-53544E8AE681",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01049ABF-EAD0-4B8D-B54C-3424B435635A",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4924B858-7BB5-464F-B6E5-133B987FF122",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB1F863-2762-4839-A601-248BC0F8B6D5",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCA20E3-2425-4004-801F-46898ACDA2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0903929A-B47C-4E75-A6B6-1DB4B118F64C",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE1458-8F82-4F6D-987D-4F22AF5E8056",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). A Cross-Site Request Forgery exists in the \u201cImport Files\u201c functionality of the \u201cOperation\u201d web application due to the missing validation of anti-CSRF tokens or other origin checks. A remote unauthenticated attacker can upload and enable permanent arbitrary JavaScript code into the device just by convincing a victim to visit a specifically crafted webpage while logged-in to the device web application."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Desigo PXM30-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM30.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM50-1 (Todas las versiones anteriores a V02. 20.126.11-41), Desigo PXM50.E (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W100-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W100-2 (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W200-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W200-2 (Todas las versiones anteriores a V02.20.126.11-41). Se presenta una vulnerabilidad de tipo Cross-Site Request Forgery en la funcionalidad \"Import Files\" de la aplicaci\u00f3n web \"Operation\" debido a una falta de comprobaci\u00f3n de tokens anti-CSRF u otras comprobaciones de origen. Un atacante remoto no autenticado puede cargar y habilitar c\u00f3digo JavaScript arbitrario permanente en el dispositivo con s\u00f3lo convencer a una v\u00edctima de que visite una p\u00e1gina web espec\u00edficamente dise\u00f1ada mientras est\u00e1 conectado a la aplicaci\u00f3n web del dispositivo"
}
],
"id": "CVE-2022-40180",
"lastModified": "2024-11-21T07:21:00.570",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-11T11:15:10.707",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2024-11-21 07:21
Severity ?
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). The device embedded Chromium-based browser is launched as root with the “--no-sandbox” option. Attackers can add arbitrary JavaScript code inside “Operation” graphics and successfully exploit any number of publicly known vulnerabilities against the version of the embedded Chromium-based browser.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA01FD1D-3B4F-44CB-85D5-D88190B264A3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "837673FE-DBBB-496A-8A6F-0C53BC5F2EAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "863709BC-3A74-49E5-80F3-7E0227BD3403",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A4FA01-FD7F-451F-8BEB-2BF01A2DF9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B63901A-F3B7-4232-973F-7E162608FEA0",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0AA432-2A2C-4A03-86C5-560592562653",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87180ACC-C1ED-4F20-9460-1AFD53D28CA2",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0517B82-90A9-4A0F-8B57-70F2A679DC95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E14C8DD3-9FA4-497F-9F9F-235C8D2DEFA5",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBE6D5C-A3AF-4191-A283-805B834D9475",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663CD9F1-2455-4B73-9081-4FA3A1FD46D3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB9D5A-2654-4DE5-91CF-59DB43776FBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C23DFD-0362-4554-9761-3D684796C0DC",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9805AE4-F07B-45F6-A1DD-53544E8AE681",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01049ABF-EAD0-4B8D-B54C-3424B435635A",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4924B858-7BB5-464F-B6E5-133B987FF122",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB1F863-2762-4839-A601-248BC0F8B6D5",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCA20E3-2425-4004-801F-46898ACDA2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0903929A-B47C-4E75-A6B6-1DB4B118F64C",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE1458-8F82-4F6D-987D-4F22AF5E8056",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). The device embedded Chromium-based browser is launched as root with the \u201c--no-sandbox\u201d option. Attackers can add arbitrary JavaScript code inside \u201cOperation\u201d graphics and successfully exploit any number of publicly known vulnerabilities against the version of the embedded Chromium-based browser."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Desigo PXM30-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM30.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM50-1 (Todas las versiones anteriores a V02. 20.126.11-41), Desigo PXM50.E (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W100-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W100-2 (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W200-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W200-2 (Todas las versiones anteriores a V02.20.126.11-41). El navegador basado en Chromium embebido en el dispositivo es lanzado como root con la opci\u00f3n \"--no-sandbox\". Los atacantes pueden a\u00f1adir c\u00f3digo JavaScript arbitrario dentro de los gr\u00e1ficos de \"Operation\" y explotar con \u00e9xito cualquier n\u00famero de vulnerabilidades p\u00fablicamente conocidas contra la versi\u00f3n del navegador incrustado basado en Chromium"
}
],
"id": "CVE-2022-40182",
"lastModified": "2024-11-21T07:21:00.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-11T11:15:10.823",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-250"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2024-11-21 07:21
Severity ?
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). The device embedded browser does not prevent interaction with alternative URI schemes when redirected to corresponding resources by web application code. By setting the homepage URI, the favorite URIs, or redirecting embedded browser users via JavaScript code to alternative scheme resources, a remote low privileged attacker can perform a range of attacks against the device, such as read arbitrary files on the filesystem, execute arbitrary JavaScript code in order to steal or manipulate the information on the screen, or trigger denial of service conditions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA01FD1D-3B4F-44CB-85D5-D88190B264A3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "837673FE-DBBB-496A-8A6F-0C53BC5F2EAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "863709BC-3A74-49E5-80F3-7E0227BD3403",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A4FA01-FD7F-451F-8BEB-2BF01A2DF9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B63901A-F3B7-4232-973F-7E162608FEA0",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0AA432-2A2C-4A03-86C5-560592562653",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87180ACC-C1ED-4F20-9460-1AFD53D28CA2",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0517B82-90A9-4A0F-8B57-70F2A679DC95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E14C8DD3-9FA4-497F-9F9F-235C8D2DEFA5",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBE6D5C-A3AF-4191-A283-805B834D9475",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663CD9F1-2455-4B73-9081-4FA3A1FD46D3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB9D5A-2654-4DE5-91CF-59DB43776FBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C23DFD-0362-4554-9761-3D684796C0DC",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9805AE4-F07B-45F6-A1DD-53544E8AE681",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01049ABF-EAD0-4B8D-B54C-3424B435635A",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4924B858-7BB5-464F-B6E5-133B987FF122",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB1F863-2762-4839-A601-248BC0F8B6D5",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCA20E3-2425-4004-801F-46898ACDA2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0903929A-B47C-4E75-A6B6-1DB4B118F64C",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE1458-8F82-4F6D-987D-4F22AF5E8056",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). The device embedded browser does not prevent interaction with alternative URI schemes when redirected to corresponding resources by web application code. By setting the homepage URI, the favorite URIs, or redirecting embedded browser users via JavaScript code to alternative scheme resources, a remote low privileged attacker can perform a range of attacks against the device, such as read arbitrary files on the filesystem, execute arbitrary JavaScript code in order to steal or manipulate the information on the screen, or trigger denial of service conditions."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Desigo PXM30-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM30.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM50-1 (Todas las versiones anteriores a V02. 20.126.11-41), Desigo PXM50.E (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W100-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W100-2 (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W200-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W200-2 (Todas las versiones anteriores a V02.20.126.11-41). El navegador integrado en el dispositivo no impide la interacci\u00f3n con esquemas URI alternativos cuando se redirige a los recursos correspondientes mediante el c\u00f3digo de la aplicaci\u00f3n web. Al establecer el URI de la p\u00e1gina de inicio, los URIs favoritos, o redirigir a usuarios del navegador insertado por medio de c\u00f3digo JavaScript a recursos de esquemas alternativos, un atacante remoto poco privilegiado puede llevar a cabo una serie de ataques contra el dispositivo, como leer archivos arbitrarios en el sistema de archivos, ejecutar c\u00f3digo JavaScript arbitrario para robar o manipular la informaci\u00f3n en la pantalla, o desencadenar condiciones de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2022-40181",
"lastModified": "2024-11-21T07:21:00.707",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-11T11:15:10.767",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-84"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-11 11:15
Modified
2024-11-21 07:21
Severity ?
Summary
A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), Desigo PXM40-1 (All versions < V02.20.126.11-41), Desigo PXM40.E (All versions < V02.20.126.11-41), Desigo PXM50-1 (All versions < V02.20.126.11-41), Desigo PXM50.E (All versions < V02.20.126.11-41), PXG3.W100-1 (All versions < V02.20.126.11-37), PXG3.W100-2 (All versions < V02.20.126.11-41), PXG3.W200-1 (All versions < V02.20.126.11-37), PXG3.W200-2 (All versions < V02.20.126.11-41). Endpoints of the “Operation” web application that interpret and execute Axon language queries allow file read access to the device file system with root privileges. By supplying specific I/O related Axon queries, a remote low-privileged attacker can read sensitive files on the device.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA01FD1D-3B4F-44CB-85D5-D88190B264A3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "837673FE-DBBB-496A-8A6F-0C53BC5F2EAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm30.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "863709BC-3A74-49E5-80F3-7E0227BD3403",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm30.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60A4FA01-FD7F-451F-8BEB-2BF01A2DF9B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B63901A-F3B7-4232-973F-7E162608FEA0",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0AA432-2A2C-4A03-86C5-560592562653",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm40.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87180ACC-C1ED-4F20-9460-1AFD53D28CA2",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm40.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0517B82-90A9-4A0F-8B57-70F2A679DC95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E14C8DD3-9FA4-497F-9F9F-235C8D2DEFA5",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBE6D5C-A3AF-4191-A283-805B834D9475",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:desigo_pxm50.e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "663CD9F1-2455-4B73-9081-4FA3A1FD46D3",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:desigo_pxm50.e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECB9D5A-2654-4DE5-91CF-59DB43776FBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C23DFD-0362-4554-9761-3D684796C0DC",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9805AE4-F07B-45F6-A1DD-53544E8AE681",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w100-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01049ABF-EAD0-4B8D-B54C-3424B435635A",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w100-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4924B858-7BB5-464F-B6E5-133B987FF122",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB1F863-2762-4839-A601-248BC0F8B6D5",
"versionEndExcluding": "02.20.126.11-37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCA20E3-2425-4004-801F-46898ACDA2CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:pxg3.w200-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0903929A-B47C-4E75-A6B6-1DB4B118F64C",
"versionEndExcluding": "02.20.126.11-41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:pxg3.w200-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14AE1458-8F82-4F6D-987D-4F22AF5E8056",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Desigo PXM30-1 (All versions \u003c V02.20.126.11-41), Desigo PXM30.E (All versions \u003c V02.20.126.11-41), Desigo PXM40-1 (All versions \u003c V02.20.126.11-41), Desigo PXM40.E (All versions \u003c V02.20.126.11-41), Desigo PXM50-1 (All versions \u003c V02.20.126.11-41), Desigo PXM50.E (All versions \u003c V02.20.126.11-41), PXG3.W100-1 (All versions \u003c V02.20.126.11-37), PXG3.W100-2 (All versions \u003c V02.20.126.11-41), PXG3.W200-1 (All versions \u003c V02.20.126.11-37), PXG3.W200-2 (All versions \u003c V02.20.126.11-41). Endpoints of the \u201cOperation\u201d web application that interpret and execute Axon language queries allow file read access to the device file system with root privileges. By supplying specific I/O related Axon queries, a remote low-privileged attacker can read sensitive files on the device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Desigo PXM30-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM30.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40-1 (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM40.E (Todas las versiones anteriores a V02.20.126.11-41), Desigo PXM50-1 (Todas las versiones anteriores a V02. 20.126.11-41), Desigo PXM50.E (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W100-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W100-2 (Todas las versiones anteriores a V02.20.126.11-41), PXG3.W200-1 (Todas las versiones anteriores a V02.20.126.11-37), PXG3.W200-2 (Todas las versiones anteriores a V02.20.126.11-41). Los endpoints de la aplicaci\u00f3n web \"Operaci\u00f3n\" que interpretan y ejecutan consultas en lenguaje Axon permiten el acceso de lectura de archivos al sistema de archivos del dispositivo privilegiado de root. Al suministrar consultas espec\u00edficas de Axon relacionadas con la E/S, un atacante remoto poco privilegiado puede leer archivos confidenciales en el dispositivo"
}
],
"id": "CVE-2022-40177",
"lastModified": "2024-11-21T07:21:00.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-11T11:15:10.533",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-360783.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}