Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2022-30065.NASLHistoryApr 11, 2023 - 12:00 a.m.
Siemens SCALANCE XCM332 Use After Free (CVE-2022-30065)
2023-04-1100:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
siemens scalance xcm332
busybox 1.35-x
awk applet
denial of service
code execution
crafted awk pattern
update
vulnerability
industrial security
cisa
productcert
cve-2022-30065
0.001 Low
EPSS
Percentile
29.7%
A use-after-free in Busybox 1.35-xβs awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(500987);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/24");
script_cve_id("CVE-2022-30065");
script_name(english:"Siemens SCALANCE XCM332 Use After Free (CVE-2022-30065)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"A use-after-free in Busybox 1.35-x's awk applet leads to denial of
service and possibly code execution when processing a crafted awk
pattern in the copyvar function.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://bugs.busybox.net/show_bug.cgi?id=14781");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-09");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Siemens has released an update for the SCALANCE XCM332 and recommends updating to the latest version:
- SCALANCE XCM332 (6GK5332-0GA01-2AC2): Update to V2.2 or later version
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To
operate the devices in a protected IT environment, Siemens recommends configuring the environment according to SiemensΓ’ΒΒ
operational guidelines for industrial security and following the recommendations in the product manuals. Additional
information on Industrial Security by Siemens can be found at the Siemens Industrial Security web page.
For further inquiries on security vulnerabilities in Siemens products and solutions, users should contact the Siemens
ProductCERT.
For more information see the associated Siemens security advisory SSA-558014 in HTML and CSAF.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-30065");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(416);
script_set_attribute(attribute:"vuln_publication_date", value:"2022/05/18");
script_set_attribute(attribute:"patch_publication_date", value:"2022/05/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/11");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc622-2c_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc626-2c_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc632-2c_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc636-2c_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc642-2c_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_sc646-2c_firmware");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Siemens");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Siemens');
var asset = tenable_ot::assets::get(vendor:'Siemens');
var vuln_cpes = {
"cpe:/o:siemens:scalance_sc622-2c_firmware" :
{"versionEndExcluding" : "3.0", "family" : "SCALANCES"},
"cpe:/o:siemens:scalance_sc626-2c_firmware" :
{"versionEndExcluding" : "3.0", "family" : "SCALANCES"},
"cpe:/o:siemens:scalance_sc632-2c_firmware" :
{"versionEndExcluding" : "3.0", "family" : "SCALANCES"},
"cpe:/o:siemens:scalance_sc636-2c_firmware" :
{"versionEndExcluding" : "3.0", "family" : "SCALANCES"},
"cpe:/o:siemens:scalance_sc642-2c_firmware" :
{"versionEndExcluding" : "3.0", "family" : "SCALANCES"},
"cpe:/o:siemens:scalance_sc646-2c_firmware" :
{"versionEndExcluding" : "3.0", "family" : "SCALANCES"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | scalance_sc622-2c_firmware | cpe:/o:siemens:scalance_sc622-2c_firmware | |
| siemens | scalance_sc626-2c_firmware | cpe:/o:siemens:scalance_sc626-2c_firmware | |
| siemens | scalance_sc632-2c_firmware | cpe:/o:siemens:scalance_sc632-2c_firmware | |
| siemens | scalance_sc636-2c_firmware | cpe:/o:siemens:scalance_sc636-2c_firmware | |
| siemens | scalance_sc642-2c_firmware | cpe:/o:siemens:scalance_sc642-2c_firmware | |
| siemens | scalance_sc646-2c_firmware | cpe:/o:siemens:scalance_sc646-2c_firmware |
Related
alpinelinux
alpinelinux
CVE-2022-30065
2022-05-18 15:15:10
nessus
nessus
EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-2720)
2022-11-14 00:00:00
Amazon Linux AMI : busybox (ALAS-2023-1786)
2023-07-20 00:00:00
SUSE SLES12 Security Update : busybox (SUSE-SU-2022:4372-1)
2022-12-09 00:00:00
cgr
cgr
CVE-2022-30065 vulnerabilities
2024-05-19 03:07:16
nvd
nvd
CVE-2022-30065
2022-05-18 15:15:10
redhatcve
redhatcve
CVE-2022-30065
2022-05-19 04:18:45
openvas
openvas
Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2022-2643)
2022-11-03 00:00:00
Mageia: Security Advisory (MGASA-2022-0458)
2022-12-14 00:00:00
Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2022-2675)
2022-11-03 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-30065 affecting package busybox for versions less than 1.35.0-3
2022-08-31 06:17:52
veracode
veracode
Use-After-Free
2022-06-24 02:26:58
wolfi
wolfi
CVE-2022-30065 vulnerabilities
2024-07-03 09:08:38
cvelist
cvelist
CVE-2022-30065
2022-05-18 00:00:00
mageia
mageia
Updated busybox packages fix security vulnerability
2022-12-14 01:09:19
prion
prion
Design/Logic Flaw
2022-05-18 15:15:00
ubuntucve
ubuntucve
CVE-2022-30065
2022-05-18 00:00:00
osv
osv
CVE-2022-30065
2022-05-18 15:15:10
amazon
amazon
Medium: busybox
2023-07-13 23:57:00
debiancve
debiancve
CVE-2022-30065
2022-05-18 15:15:10
cve
cve
CVE-2022-30065
2022-05-18 15:15:10
rosalinux
rosalinux
Advisory ROSA-SA-2024-2426
2024-05-28 08:29:45
ics
ics
Siemens SCALANCE SC-600 Family
2022-12-15 12:00:00
Siemens SCALANCE XCM332
2023-04-13 12:00:00
Siemens SIMATIC S7-1500 TM MFP BIOS
2023-06-15 12:00:00
avleonov
avleonov