PT-2022-21179 · Siemens · Sinema Remote Connect Server

Published

2022-06-14

Updated

2024-07-09

CVE-2022-32253

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SINEMA Remote Connect Server versions prior to V3.1

Description A vulnerability has been identified due to improper input validation, which could allow the OpenSSL certificate's password to be printed to a file reachable by an attacker.

Recommendations For versions prior to V3.1, update to version V3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the file that may contain the printed password to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2022-32253

Affected Products

Sinema Remote Connect Server

PT-2022-21179 · Siemens · Sinema Remote Connect Server

CVE-2022-32253

Weakness Enumeration

Related Identifiers

Affected Products

References · 4