Sign-up

ID

VAR-202205-0553


CVE

CVE-2022-24040


TITLE

Resource Exhaustion Vulnerability in Multiple Siemens Products

Trust: 0.8

sources: JVNDB: JVNDB-2022-009473

DESCRIPTION

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application fails to enforce an upper bound to the cost factor of the PBKDF2 derived key during the creation or update of an account. An attacker with the user profile access privilege could cause a denial of service (DoS) condition through CPU consumption by setting a PBKDF2 derived key with a remarkably high cost effort and then attempting a login to the so-modified account. desigo pxc5 firmware, desigo pxc4 firmware, desigo pxc3 Multiple Siemens products such as firmware contain a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state. Desigo DXR2 controllers are programmable automation stations to support the standard control needs of terminal HVAC equipment and TRA (Total Room Automation) applications. The Desigo PXC3 series of automation stations can be used in buildings with higher requirements for functionality and flexibility. Use Desigo room automation when multiple specialties (HVAC, lighting, shading) are combined into one solution and when a high degree of flexibility is required. The Desigo PXC4 building automation controller is designed for HVAC system control. It is a compact device with built-in IOs that can be expanded to your needs with additional TX-IO modules. The Desigo PXC5 is a freely programmable controller for BACnet system-level functions such as alarm routing, system-wide scheduling and trending, and device monitoring

Trust: 2.25

sources: NVD: CVE-2022-24040 // JVNDB: JVNDB-2022-009473 // CNVD: CNVD-2022-36378 // VULMON: CVE-2022-24040

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-36378

AFFECTED PRODUCTS

vendor:siemensmodel:desigo pxc4scope:ltversion:02.20.142.10-10884

Trust: 1.0

vendor:siemensmodel:desigo pxc3scope:ltversion:01.21.142.4-18

Trust: 1.0

vendor:siemensmodel:desigo pxc5scope:ltversion:02.20.142.10-10884

Trust: 1.0

vendor:siemensmodel:desigo dxr2scope:ltversion:01.21.142.5-22

Trust: 1.0

vendor:シーメンスmodel:desigo dxr2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc3scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc5scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc4scope: - version: -

Trust: 0.8

vendor:siemensmodel:desigo pxc5scope:ltversion:v02.20.142.10-10884

Trust: 0.6

vendor:siemensmodel:desigo pxc4scope:ltversion:v02.20.142.10-10884

Trust: 0.6

vendor:siemensmodel:desigo pxc3scope:ltversion:v01.21.142.4-18

Trust: 0.6

vendor:siemensmodel:desigo dxr2scope:ltversion:v01.21.142.5-22

Trust: 0.6

sources: CNVD: CNVD-2022-36378 // JVNDB: JVNDB-2022-009473 // NVD: CVE-2022-24040

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-24040
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-24040
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2022-36378
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202205-2787
value: MEDIUM

Trust: 0.6

VULMON: CVE-2022-24040
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-24040
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2022-36378
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-24040
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-24040
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-36378 // VULMON: CVE-2022-24040 // JVNDB: JVNDB-2022-009473 // CNNVD: CNNVD-202205-2787 // NVD: CVE-2022-24040

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.0

problemtype:Resource exhaustion (CWE-400) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-009473 // NVD: CVE-2022-24040

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-2787

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202205-2787

PATCH

title:Patch for Siemens Desigo PXC and DXR Devices Uncontrolled Resource Consumption Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/332616

Trust: 0.6

title:Multiple Siemens Product resource management error vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=193545

Trust: 0.6

title: - url:https://github.com/Live-Hack-CVE/CVE-2022-24040

Trust: 0.1

sources: CNVD: CNVD-2022-36378 // VULMON: CVE-2022-24040 // CNNVD: CNNVD-202205-2787

EXTERNAL IDS

db:NVDid:CVE-2022-24040

Trust: 3.9

db:SIEMENSid:SSA-626968

Trust: 3.1

db:ICS CERTid:ICSA-22-132-10

Trust: 1.5

db:JVNid:JVNVU92977068

Trust: 0.8

db:JVNDBid:JVNDB-2022-009473

Trust: 0.8

db:CNVDid:CNVD-2022-36378

Trust: 0.6

db:CS-HELPid:SB2022051124

Trust: 0.6

db:AUSCERTid:ESB-2022.2349

Trust: 0.6

db:CNNVDid:CNNVD-202205-2787

Trust: 0.6

db:VULMONid:CVE-2022-24040

Trust: 0.1

sources: CNVD: CNVD-2022-36378 // VULMON: CVE-2022-24040 // JVNDB: JVNDB-2022-009473 // CNNVD: CNNVD-202205-2787 // NVD: CVE-2022-24040

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf

Trust: 2.5

url:https://jvn.jp/vu/jvnvu92977068/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-24040

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-10

Trust: 0.8

url:https://cert-portal.siemens.com/productcert/html/ssa-626968.html

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-24040/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2349

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-132-10

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022051124

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/400.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2022-24040

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-10

Trust: 0.1

sources: CNVD: CNVD-2022-36378 // VULMON: CVE-2022-24040 // JVNDB: JVNDB-2022-009473 // CNNVD: CNNVD-202205-2787 // NVD: CVE-2022-24040

CREDITS

reported these vulnerabilities to CISA.,Andrea Palanca, of Nozomi Networks

Trust: 0.6

sources: CNNVD: CNNVD-202205-2787

SOURCES

db:CNVDid:CNVD-2022-36378
db:VULMONid:CVE-2022-24040
db:JVNDBid:JVNDB-2022-009473
db:CNNVDid:CNNVD-202205-2787
db:NVDid:CVE-2022-24040

LAST UPDATE DATE

2024-11-23T21:50:30.662000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-36378date:2022-05-12T00:00:00
db:VULMONid:CVE-2022-24040date:2022-10-06T00:00:00
db:JVNDBid:JVNDB-2022-009473date:2023-08-04T08:29:00
db:CNNVDid:CNNVD-202205-2787date:2022-05-20T00:00:00
db:NVDid:CVE-2022-24040date:2024-11-21T06:49:42.783

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-36378date:2022-05-12T00:00:00
db:VULMONid:CVE-2022-24040date:2022-05-10T00:00:00
db:JVNDBid:JVNDB-2022-009473date:2023-08-04T00:00:00
db:CNNVDid:CNNVD-202205-2787date:2022-05-10T00:00:00
db:NVDid:CVE-2022-24040date:2022-05-10T11:15:08.287