Siemens Teamcenter Active Workspace


## 1\. EXECUTIVE SUMMARY * **CVSS v3 6.1** * **ATTENTION:** Exploitable remotely/low attack complexity * **Vendor:** Siemens * **Equipment:** Teamcenter Active Workspace * **Vulnerability:** Cross-site Scripting ## 2\. RISK EVALUATION Successful exploitation of this vulnerability could allow for malicious code execution. ## 3\. TECHNICAL DETAILS ### 3.1 AFFECTED PRODUCTS The following versions of Smart Security Manager, a software management platform, are affected: * Teamcenter Active Workspace v5.2: All versions prior to 5.2.9 * Teamcenter Active Workspace v6.0: All versions prior to 6.0.3 ### 3.2 VULNERABILITY OVERVIEW #### 3.2.1 [IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION (‘CROSS-SITE SCRIPTING’) CWE-79](<https://cwe.mitre.org/data/definitions/79.html>) The affected product is vulnerable to a reflected cross-site scripting (XSS) vulnerability that exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link. [CVE-2022-32145](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32145>) has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N>)). ### 3.3 BACKGROUND * **CRITICAL INFRASTRUCTURE SECTORS:** Multiple Sectors * **COUNTRIES/AREAS DEPLOYED:** Worldwide * **COMPANY HEADQUARTERS LOCATION:** Germany ### 3.4 RESEARCHER Han Lee from Apple Information Security reported this vulnerability to Siemens. ## 4\. MITIGATIONS Siemens has released updates for the affected products and recommends updating to the latest versions: * Teamcenter Active Workspace update to [v5.2.9 or later](<https://support.sw.siemens.com/>) * Teamcenter Active Workspace update to [v6.0.3 or later](<https://support.sw.siemens.com/>) Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk: * Utilize a modern web browser with integrated XSS filtering mechanisms. As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to [Siemens’ operational guidelines for industrial security](<https://www.siemens.com/cert/operational-guidelines-industrial-security>) and following recommendations in the product manuals. For additional information, please refer to Siemens Security Advisory [SSA-401167](<https://cert-portal.siemens.com/productcert/html/ssa-401167.html>) CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for [control systems security recommended practices](<https://www.cisa.gov/uscert/ics/recommended-practices>) on the [ICS webpage on cisa.gov/ics](<https://cisa.gov/ics>) Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>). Additional mitigation guidance and recommended practices are publicly available on the [ICS webpage on cisa.gov/ics](<https://cisa.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B>). Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents. No known public exploits specifically target this vulnerability. ## Contact Information For any questions related to this report, please contact the CISA at: Email: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) Toll Free: 1-888-282-0870 For industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics or incident reporting: https://us-cert.cisa.gov/report CISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product. This product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy. **Please share your thoughts.** We recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/icsa-22-167-15>); we'd welcome your feedback.