Rewterz Threat Advisory – Multiple Siemens SCALANCE devices Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-36323 CVSS:9.1
Siemens SCALANCE devices could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to to inject code or spawn a system root shell.

CVE-2022-36324 CVSS:7.5
Siemens SCALANCE devices are vulnerable to a denial of service, caused by improperly handling the renegotiation of SSL/TLS parameters. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service

CVE-2022-36325 CVSS:6.8
Siemens SCALANCE devices are vulnerable to DOM-based cross-site scripting, caused by improper validation of user-supplied input by the web interface. A remote attacker could exploit this vulnerability to execute a script in a victim’s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

Impact

• Code Execution
• Denial of Service
• Cross-Site Scripting

Indicators Of Compromise

CVE

• CVE-2022-36323
• CVE-2022-36324
• CVE-2022-36325

Affected Vendors

• Siemens

Affected Products

• Siemens SCALANCE M-800
• Siemens SCALANCE XB-200
• Siemens SCALANCE XP-200
• Siemens SCALANCE XR-300WG
• Siemens SCALANCE X-200
• Siemens SCALANCE X-200IRT
• Siemens SCALANCE X-300
• Siemens SCALANCE SC-600
• Siemens SCALANCE W-700
• Siemens SCALANCE W-700 IEEE 802.11n
• Siemens SCALANCE XM-400

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.
Siemens Security Advisory