Sign-up

ID

VAR-202205-0555


CVE

CVE-2022-24041


TITLE

Vulnerability of using weak password hashes in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2022-009472

DESCRIPTION

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The web application stores the PBKDF2 derived key of users passwords with a low iteration count. An attacker with user profile access privilege can retrieve the stored password hashes of other accounts and then successfully perform an offline cracking attack and recover the plaintext passwords of other users. desigo pxc5 firmware, desigo pxc4 firmware, desigo pxc3 Several Siemens products, including firmware, contain vulnerabilities related to the use of weak password hashes.Information may be obtained. Desigo DXR2 controllers are programmable automation stations to support the standard control needs of terminal HVAC equipment and TRA (Total Room Automation) applications. The Desigo PXC3 series of automation stations can be used in buildings with higher requirements for functionality and flexibility. Use Desigo room automation when multiple specialties (HVAC, lighting, shading) are combined into one solution and when a high degree of flexibility is required. The Desigo PXC4 building automation controller is designed for HVAC system control. It is a compact device with built-in IOs that can be expanded to your needs with additional TX-IO modules. The Desigo PXC5 is a freely programmable controller for BACnet system-level functions such as alarm routing, system-wide scheduling and trending, and device monitoring

Trust: 2.25

sources: NVD: CVE-2022-24041 // JVNDB: JVNDB-2022-009472 // CNVD: CNVD-2022-36377 // VULMON: CVE-2022-24041

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-36377

AFFECTED PRODUCTS

vendor:siemensmodel:desigo pxc4scope:ltversion:02.20.142.10-10884

Trust: 1.0

vendor:siemensmodel:desigo pxc3scope:ltversion:01.21.142.4-18

Trust: 1.0

vendor:siemensmodel:desigo pxc5scope:ltversion:02.20.142.10-10884

Trust: 1.0

vendor:siemensmodel:desigo dxr2scope:ltversion:01.21.142.5-22

Trust: 1.0

vendor:シーメンスmodel:desigo dxr2scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc3scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc5scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:desigo pxc4scope: - version: -

Trust: 0.8

vendor:siemensmodel:desigo pxc5scope:ltversion:v02.20.142.10-10884

Trust: 0.6

vendor:siemensmodel:desigo pxc4scope:ltversion:v02.20.142.10-10884

Trust: 0.6

vendor:siemensmodel:desigo pxc3scope:ltversion:v01.21.142.4-18

Trust: 0.6

vendor:siemensmodel:desigo dxr2scope:ltversion:v01.21.142.5-22

Trust: 0.6

sources: CNVD: CNVD-2022-36377 // JVNDB: JVNDB-2022-009472 // NVD: CVE-2022-24041

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-24041
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-24041
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2022-36377
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202205-2786
value: MEDIUM

Trust: 0.6

VULMON: CVE-2022-24041
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-24041
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2022-36377
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-24041
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-24041
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-36377 // VULMON: CVE-2022-24041 // JVNDB: JVNDB-2022-009472 // CNNVD: CNNVD-202205-2786 // NVD: CVE-2022-24041

PROBLEMTYPE DATA

problemtype:CWE-916

Trust: 1.0

problemtype:Use of weak password hashes (CWE-916) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-009472 // NVD: CVE-2022-24041

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-2786

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202205-2786

PATCH

title:Patch for Unknown Vulnerability in Siemens Desigo PXC and DXR Devicesurl:https://www.cnvd.org.cn/patchInfo/show/332621

Trust: 0.6

title:Multiple Siemens Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=193544

Trust: 0.6

title: - url:https://github.com/Live-Hack-CVE/CVE-2022-24041

Trust: 0.1

sources: CNVD: CNVD-2022-36377 // VULMON: CVE-2022-24041 // CNNVD: CNNVD-202205-2786

EXTERNAL IDS

db:NVDid:CVE-2022-24041

Trust: 3.9

db:SIEMENSid:SSA-626968

Trust: 3.1

db:ICS CERTid:ICSA-22-132-10

Trust: 1.5

db:JVNid:JVNVU92977068

Trust: 0.8

db:JVNDBid:JVNDB-2022-009472

Trust: 0.8

db:CNVDid:CNVD-2022-36377

Trust: 0.6

db:CS-HELPid:SB2022051124

Trust: 0.6

db:AUSCERTid:ESB-2022.2349

Trust: 0.6

db:CNNVDid:CNNVD-202205-2786

Trust: 0.6

db:VULMONid:CVE-2022-24041

Trust: 0.1

sources: CNVD: CNVD-2022-36377 // VULMON: CVE-2022-24041 // JVNDB: JVNDB-2022-009472 // CNNVD: CNNVD-202205-2786 // NVD: CVE-2022-24041

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-626968.pdf

Trust: 2.5

url:https://jvn.jp/vu/jvnvu92977068/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-24041

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-10

Trust: 0.8

url:https://cert-portal.siemens.com/productcert/html/ssa-626968.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2349

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-132-10

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022051124

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-24041/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/916.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2022-24041

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-10

Trust: 0.1

sources: CNVD: CNVD-2022-36377 // VULMON: CVE-2022-24041 // JVNDB: JVNDB-2022-009472 // CNNVD: CNNVD-202205-2786 // NVD: CVE-2022-24041

CREDITS

reported these vulnerabilities to CISA.,Andrea Palanca, of Nozomi Networks

Trust: 0.6

sources: CNNVD: CNNVD-202205-2786

SOURCES

db:CNVDid:CNVD-2022-36377
db:VULMONid:CVE-2022-24041
db:JVNDBid:JVNDB-2022-009472
db:CNNVDid:CNNVD-202205-2786
db:NVDid:CVE-2022-24041

LAST UPDATE DATE

2024-11-23T21:50:30.190000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-36377date:2022-05-12T00:00:00
db:VULMONid:CVE-2022-24041date:2022-10-06T00:00:00
db:JVNDBid:JVNDB-2022-009472date:2023-08-04T08:29:00
db:CNNVDid:CNNVD-202205-2786date:2022-05-20T00:00:00
db:NVDid:CVE-2022-24041date:2024-11-21T06:49:42.903

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-36377date:2022-05-12T00:00:00
db:VULMONid:CVE-2022-24041date:2022-05-10T00:00:00
db:JVNDBid:JVNDB-2022-009472date:2023-08-04T00:00:00
db:CNNVDid:CNNVD-202205-2786date:2022-05-10T00:00:00
db:NVDid:CVE-2022-24041date:2022-05-10T11:15:08.343