PT-2022-25256 · Siemens · Pxg3.W100-2+9
Published
2022-10-11
·
Updated
2022-10-12
·
CVE-2022-40176
CVSS v3.1
8.0
High
| Vector | AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Desigo PXM30-1 versions prior to V02.20.126.11-41
Desigo PXM30.E versions prior to V02.20.126.11-41
Desigo PXM40-1 versions prior to V02.20.126.11-41
Desigo PXM40.E versions prior to V02.20.126.11-41
Desigo PXM50-1 versions prior to V02.20.126.11-41
Desigo PXM50.E versions prior to V02.20.126.11-41
PXG3.W100-1 versions prior to V02.20.126.11-37
PXG3.W100-2 versions prior to V02.20.126.11-41
PXG3.W200-1 versions prior to V02.20.126.11-37
PXG3.W200-2 versions prior to V02.20.126.11-41
Description
The issue is related to an Improper Neutralization of Special Elements used in an OS Command with root privileges during a restore operation. This occurs due to the missing validation of the names of files included in the input package. By restoring a specifically crafted package, a remote low-privileged attacker can execute arbitrary system commands with root privileges on the device, leading to a full compromise.
Recommendations
For Desigo PXM30-1 versions prior to V02.20.126.11-41, update to version V02.20.126.11-41 or later.
For Desigo PXM30.E versions prior to V02.20.126.11-41, update to version V02.20.126.11-41 or later.
For Desigo PXM40-1 versions prior to V02.20.126.11-41, update to version V02.20.126.11-41 or later.
For Desigo PXM40.E versions prior to V02.20.126.11-41, update to version V02.20.126.11-41 or later.
For Desigo PXM50-1 versions prior to V02.20.126.11-41, update to version V02.20.126.11-41 or later.
For Desigo PXM50.E versions prior to V02.20.126.11-41, update to version V02.20.126.11-41 or later.
For PXG3.W100-1 versions prior to V02.20.126.11-37, update to version V02.20.126.11-37 or later.
For PXG3.W100-2 versions prior to V02.20.126.11-41, update to version V02.20.126.11-41 or later.
For PXG3.W200-1 versions prior to V02.20.126.11-37, update to version V02.20.126.11-37 or later.
For PXG3.W200-2 versions prior to V02.20.126.11-41, update to version V02.20.126.11-41 or later.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Desigo Pxm30-1
Desigo Pxm30.E
Desigo Pxm40-1
Desigo Pxm40.E
Desigo Pxm50-1
Desigo Pxm50.E
Pxg3.W100-1
Pxg3.W100-2
Pxg3.W200-1
Pxg3.W200-2