Rewterz Threat Advisory – ICS: Multiple Siemens Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-24661

Siemens Simcenter STAR-CCM+ Viewer could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption in the starview+.exe file. By persuading a victim to open a specially-crafted.SCE file, an attacker could exploit this vulnerability to execute arbitrary code on the system in the context of the current process.

CVE-2021-44478

Siemens Polarion Subversion Webclient is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2022-25311

Siemens SINEC NMS could allow a local authenticated attacker to gain elevated privileges on the system, caused by the failure to check privileges between users during the same web browser session. By sending a specially-crafted request, an attacker could exploit this vulnerability to achieve privilege escalation.

Impact

• Code Execution
• Cross-Site Scripting
• Privilege Escalation

Indicators Of Compromise

CVE

• CVE-2022-24661
• CVE-2021-44478
• CVE-2022-24661

Affected Vendors

Siemens

Affected Products

• Siemens Simcenter STAR-CCM+ Viewer 2021.2.0
• Siemens Simcenter STAR-CCM+ Viewer 2021.1
• Siemens Polarion Subversion Webclient 21 R1
• Siemens SINEC NMS

Remediation

Refer to Siemens Security Advisory SSA-166747 for patch, upgrade or suggested workaround information.

CVE-2022-24661 
CVE-2021-44478
CVE-2022-24661