CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS2: 6.8 Medium
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 0.003 Low
Percentile: 68.0%
Successful exploitation of these vulnerabilities could allow a denial-of-service condition, corrupt memory, or potentially execute custom code.
The following versions of Siemens SCALANCE SC-600 Family, a software management platform, are affected:
3.2.1 OUT-OF-BOUNDS WRITE CWE-787
Siemens SCALANCE SC-600 Family versions prior to 3.0 include zlib before 1.2.12, which allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
CVE-2022-25032 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
3.2.2 USE AFTER FREE CWE-416
Siemens SCALANCE SC-600 Family versions prior to 3.0 are vulnerable to a use-after-free in the awk applet of Busybox 1.35-x. The vulnerability could cause a denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
CVE-2022-30065 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
3.2.3 ALLOCATION OF RESOURCES WITHOUT LIMITS OR THROTTLING CWE-770
Siemens SCALANCE SC-600 Family versions prior to 3.0:
CVE-2022-32205 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.4 ALLOCATION OF RESOURCES WITHOUT LIMITS OR THROTTLING CWE-770
Siemens SCALANCE SC-600 Family versions prior to 3.0 support “chained” HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. A malicious server can insert a virtually unlimited number of compression steps, causing enormous amounts of heap memory to be allocated and leading to out-of-memory errors.
CVE-2022-32206 has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
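The defensive idea behind the chained-compression issue in 3.2.4, as an added example (not code from Siemens, CISA or the affected component): a client-side decoder that caps both the number of Content-Encoding steps and the bytes each step may produce. The limits `MAX_CHAIN` and `MAX_OUTPUT`, the function names and the sample body are assumptions constructed for illustration.

```python
import gzip
import zlib

MAX_CHAIN = 5          # assumed policy: most Content-Encoding steps accepted
MAX_OUTPUT = 1 << 20   # assumed policy: most bytes any single step may produce


class EncodingPolicyError(Exception):
    """Raised when a response exceeds the chain or size policy."""


def parse_chain(header_value):
    """Split a Content-Encoding value into codings, in the order applied."""
    codings = [c.strip().lower() for c in header_value.split(",") if c.strip()]
    return [c for c in codings if c != "identity"]


def _inflate_bounded(data, wbits, limit):
    """Decompress one layer, refusing to produce more than `limit` bytes."""
    d = zlib.decompressobj(wbits)
    out = d.decompress(data, limit + 1)   # never allocates past limit + 1
    if len(out) > limit:
        raise EncodingPolicyError("decompressed size exceeds limit")
    if not d.eof:
        raise EncodingPolicyError("truncated or malformed compressed body")
    return out


def decode_body(header_value, body, max_chain=MAX_CHAIN, max_output=MAX_OUTPUT):
    """Undo chained content codings with hard limits on depth and size."""
    chain = parse_chain(header_value)
    if len(chain) > max_chain:            # reject before creating any decoder
        raise EncodingPolicyError(f"{len(chain)} codings exceeds limit {max_chain}")
    for coding in reversed(chain):        # the last coding applied is undone first
        if coding in ("gzip", "x-gzip"):
            body = _inflate_bounded(body, 16 + zlib.MAX_WBITS, max_output)
        elif coding == "deflate":
            body = _inflate_bounded(body, zlib.MAX_WBITS, max_output)
        else:
            raise EncodingPolicyError(f"unsupported coding: {coding}")
    return body


# Constructed sample: a body compressed twice (deflate first, then gzip).
SAMPLE_HEADER = "deflate, gzip"
SAMPLE_BODY = gzip.compress(zlib.compress(b"status=ok"))
```

Checking the chain length before any decoder is created is what bounds memory use; the per-step output cap additionally stops a single highly compressible layer from exhausting the heap.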
Siemens reported these vulnerabilities to CISA.
Siemens has prepared a fix and recommends updating to the following:
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for industrial security and following the recommendations in the product manuals.
For more information, see Siemens Security Advisory SSA-333517 in HTML or CSAF.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploits specifically target these vulnerabilities.
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25032
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30065
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32205
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32206
cert-portal.siemens.com/operational-guidelines-industrial-security.pdf
cert-portal.siemens.com/productcert/csaf/ssa-333517.json
cert-portal.siemens.com/productcert/html/ssa-333517.html
cisa.gov/ics
cwe.mitre.org/data/definitions/416.html
cwe.mitre.org/data/definitions/770.html
cwe.mitre.org/data/definitions/787.html
support.industry.siemens.com/cs/ww/en/view/109814276/
us-cert.cisa.gov/ics/Recommended-Practices
us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf
www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L