Sign-up

ID

VAR-202205-0554


CVE

CVE-2022-24042


TITLE

Session Expiration Vulnerability in Multiple Siemens Products

Trust: 0.8

sources: JVNDB: JVNDB-2022-009471

DESCRIPTION

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application returns an AuthToken that does not expire at the defined auto logoff delay timeout. An attacker could be able to capture this token and re-use old session credentials or session IDs for authorization. desigo pxc5 firmware, desigo pxc4 firmware, desigo pxc3 Multiple Siemens products such as firmware contain vulnerabilities related to session expiration.Information may be obtained and information may be tampered with. Desigo DXR2 controllers are programmable automation stations to support the standard control needs of terminal HVAC equipment and TRA (Total Room Automation) applications. The Desigo PXC3 series of automation stations can be used in buildings with higher requirements for functionality and flexibility. Use Desigo room automation when multiple specialties (HVAC, lighting, shading) are combined into one solution and when a high degree of flexibility is required. The Desigo PXC4 building automation controller is designed for HVAC system control. It is a compact device with built-in IOs that can be expanded to your needs with additional TX-IO modules. The Desigo PXC5 is a freely programmable controller for BACnet system-level functions such as alarm routing, system-wide scheduling and trending, and device monitoring

Trust: 2.25

sources: NVD: CVE-2022-24042 // JVNDB: JVNDB-2022-009471 // CNVD: CNVD-2022-36376 // VULMON: CVE-2022-24042

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-36376

AFFECTED PRODUCTS

vendor:siemensmodel:desigo pxc4scope:ltversion:02.20.142.10-10884

Trust: 1.0

vendor:siemensmodel:desigo pxc3scope:ltversion:01.21.142.4-18

Trust: 1.0

vendor:siemensmodel:desigo pxc5scope:ltversion:02.20.142.10-10884

Trust: 1.0

vendor:siemensmodel:desigo dxr2scope:ltversion:01.21.142.5-22

Trust: 1.0

vendor:シーメンスmodel:desigo dxr2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc3scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc5scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc4scope: - version: -

Trust: 0.8

vendor:siemensmodel:desigo pxc5scope:ltversion:v02.20.142.10-10884

Trust: 0.6

vendor:siemensmodel:desigo pxc4scope:ltversion:v02.20.142.10-10884

Trust: 0.6

vendor:siemensmodel:desigo pxc3scope:ltversion:v01.21.142.4-18

Trust: 0.6

vendor:siemensmodel:desigo dxr2scope:ltversion:v01.21.142.5-22

Trust: 0.6

sources: CNVD: CNVD-2022-36376 // JVNDB: JVNDB-2022-009471 // NVD: CVE-2022-24042

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-24042
value: CRITICAL

Trust: 1.0

NVD: CVE-2022-24042
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2022-36376
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202205-2785
value: CRITICAL

Trust: 0.6

VULMON: CVE-2022-24042
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-24042
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2022-36376
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-24042
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2022-24042
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-36376 // VULMON: CVE-2022-24042 // JVNDB: JVNDB-2022-009471 // CNNVD: CNNVD-202205-2785 // NVD: CVE-2022-24042

PROBLEMTYPE DATA

problemtype:CWE-613

Trust: 1.0

problemtype:Inappropriate session deadline (CWE-613) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-009471 // NVD: CVE-2022-24042

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-2785

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202205-2785

PATCH

title:Patch for Unknown Vulnerability in Siemens Desigo PXC and DXR Devices (CNVD-2022-36376)url:https://www.cnvd.org.cn/patchInfo/show/332626

Trust: 0.6

title:Multiple Siemens Product code issue vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192663

Trust: 0.6

title: - url:https://github.com/Live-Hack-CVE/CVE-2022-24042

Trust: 0.1

sources: CNVD: CNVD-2022-36376 // VULMON: CVE-2022-24042 // CNNVD: CNNVD-202205-2785

EXTERNAL IDS

db:NVDid:CVE-2022-24042

Trust: 3.9

db:SIEMENSid:SSA-626968

Trust: 3.1

db:ICS CERTid:ICSA-22-132-10

Trust: 1.5

db:JVNid:JVNVU92977068

Trust: 0.8

db:JVNDBid:JVNDB-2022-009471

Trust: 0.8

db:CNVDid:CNVD-2022-36376

Trust: 0.6

db:CS-HELPid:SB2022051124

Trust: 0.6

db:AUSCERTid:ESB-2022.2349

Trust: 0.6

db:CNNVDid:CNNVD-202205-2785

Trust: 0.6

db:VULMONid:CVE-2022-24042

Trust: 0.1

sources: CNVD: CNVD-2022-36376 // VULMON: CVE-2022-24042 // JVNDB: JVNDB-2022-009471 // CNNVD: CNNVD-202205-2785 // NVD: CVE-2022-24042

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf

Trust: 2.5

url:https://jvn.jp/vu/jvnvu92977068/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-24042

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-10

Trust: 0.8

url:https://cert-portal.siemens.com/productcert/html/ssa-626968.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2349

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-132-10

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022051124

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-24042/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/613.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2022-24042

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-10

Trust: 0.1

sources: CNVD: CNVD-2022-36376 // VULMON: CVE-2022-24042 // JVNDB: JVNDB-2022-009471 // CNNVD: CNNVD-202205-2785 // NVD: CVE-2022-24042

CREDITS

reported these vulnerabilities to CISA.,Andrea Palanca, of Nozomi Networks

Trust: 0.6

sources: CNNVD: CNNVD-202205-2785

SOURCES

db:CNVDid:CNVD-2022-36376
db:VULMONid:CVE-2022-24042
db:JVNDBid:JVNDB-2022-009471
db:CNNVDid:CNNVD-202205-2785
db:NVDid:CVE-2022-24042

LAST UPDATE DATE

2024-11-23T21:50:30.756000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-36376date:2022-05-12T00:00:00
db:VULMONid:CVE-2022-24042date:2022-10-06T00:00:00
db:JVNDBid:JVNDB-2022-009471date:2023-08-04T08:29:00
db:CNNVDid:CNNVD-202205-2785date:2022-05-20T00:00:00
db:NVDid:CVE-2022-24042date:2024-11-21T06:49:43.033

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-36376date:2022-05-12T00:00:00
db:VULMONid:CVE-2022-24042date:2022-05-10T00:00:00
db:JVNDBid:JVNDB-2022-009471date:2023-08-04T00:00:00
db:CNNVDid:CNNVD-202205-2785date:2022-05-10T00:00:00
db:NVDid:CVE-2022-24042date:2022-05-10T11:15:08.397