CVE-2022-35868

🗓️ 14 Feb 2023 10:36:08Reported by siemensType

Vulnerability in TIA Multiuser Server and TIA Project-Server softwar

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the microprogramming software of Siemens TIA Project-Server allows a hacker to increase their privileges.	27 Mar 202300:00	–	bdu_fstec
CNNVD	Siemens TIA Multiuser Server 代码问题漏洞	14 Feb 202300:00	–	cnnvd
CNVD	Siemens TIA Project-Server formerly untrusted search path vulnerability	17 Feb 202300:00	–	cnvd
CVE	CVE-2022-35868	14 Feb 202310:36	–	cve
EUVD	EUVD-2022-38741	3 Oct 202520:07	–	euvd
ICS	Siemens TIA Project-Server formerly known as TIA Multiuser Server	14 Feb 202300:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	14 Feb 202300:00	–	ncsc
NVD	CVE-2022-35868	14 Feb 202311:15	–	nvd
Prion	Path traversal	14 Feb 202311:15	–	prion
Positive Technologies	PT-2023-1971 · Siemens · Tia Multiuser Server +1	14 Feb 202300:00	–	ptsecurity

[
  {
    "vendor": "Siemens",
    "product": "TIA Multiuser Server V14",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TIA Multiuser Server V15",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 8"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TIA Project-Server",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V1.1"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TIA Project-Server V16",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TIA Project-Server V17",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V17 Update 6"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-640968.html

13 Aug 2024 07:50Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.7

EPSS0.0013

CWE-426