PT-2022-27287 · Siemens · Simatic Wincc
Published
2022-12-13
·
Updated
2023-01-10
·
CVE-2022-44731
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SIMATIC WinCC OA versions prior to V3.15 P038
SIMATIC WinCC OA versions prior to V3.16 P035
SIMATIC WinCC OA versions prior to V3.17 P024
SIMATIC WinCC OA versions prior to V3.18 P014
Description
A vulnerability allows injecting custom arguments to the Ultralight Client backend application under certain circumstances. This could allow an authenticated remote attacker to inject arbitrary parameters when starting the client via the web interface, potentially opening attacker-chosen panels with the attacker's credentials or starting a Ctrl script.
Recommendations
For SIMATIC WinCC OA versions prior to V3.15 P038, update to V3.15 P038 or later.
For SIMATIC WinCC OA versions prior to V3.16 P035, update to V3.16 P035 or later.
For SIMATIC WinCC OA versions prior to V3.17 P024, update to V3.17 P024 or later.
For SIMATIC WinCC OA versions prior to V3.18 P014, update to V3.18 P014 or later.
Fix
Argument Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Simatic Wincc