CVE-2022-29875

CVSS V2 High 9.3 CVSS V3 Critical 9.8
Description
A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), SOMATOM X.cite (All versions < VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions < VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions < VB22A-UD03), Symbia Evo (All VB22 versions < VB22A-UD03), Symbia Intevo (All VB22 versions < VB22A-UD03), Symbia T (All VB22 versions < VB22A-UD03), Symbia.net (All VB22 versions < VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions < VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions < VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable.
Overview
  • CVE ID
  • CVE-2022-29875
  • Assigner
  • productcert@siemens.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-06-01T10:15:08
  • Last Modified Date
  • 2022-06-11T00:45:14
Weakness Enumerations
CWE URL
CWE-502 http://cwe.mitre.org/data/definitions/502.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:siemens:biograph_horizon_pet\/ct_systems_firmware:*:*:*:*:*:*:*:* 1 OR vj30 vj30c-ud01
cpe:2.3:h:siemens:biograph_horizon_pet\/ct_systems:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va10b:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va12m:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va12s:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va20a:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va30a:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va31a:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:magnetom_numaris_x:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:mammomat_revelation_firmware:*:*:*:*:*:*:*:* 1 OR vc20 vc20d
cpe:2.3:h:siemens:mammomat_revelation:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:naeotom_alpha_firmware:va40:-:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:naeotom_alpha:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:somatom_x.cite_firmware:*:*:*:*:*:*:*:* 1 OR va30
cpe:2.3:o:siemens:somatom_x.cite_firmware:va30:-:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:somatom_x.cite_firmware:va40:-:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:somatom_x.cite:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:somatom_x.creed_firmware:*:*:*:*:*:*:*:* 1 OR va30
cpe:2.3:o:siemens:somatom_x.creed_firmware:va30:-:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:somatom_x.creed_firmware:va40:-:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:somatom_x.creed:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:somatom_go.all_firmware:*:*:*:*:*:*:*:* 1 OR va30
cpe:2.3:o:siemens:somatom_go.all_firmware:va30:-:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:somatom_go.all_firmware:va40:-:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:somatom_go.all:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:somatom_go.now_firmware:*:*:*:*:*:*:*:* 1 OR va30
cpe:2.3:o:siemens:somatom_go.now_firmware:va30:-:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:somatom_go.now_firmware:va40:-:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:somatom_go.now:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:somatom_go.open_pro_firmware:*:*:*:*:*:*:*:* 1 OR va30
cpe:2.3:o:siemens:somatom_go.open_pro_firmware:va30:-:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:somatom_go.open_pro_firmware:va40:-:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:somatom_go.open_pro:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:somatom_go.sim_firmware:*:*:*:*:*:*:*:* 1 OR va30
cpe:2.3:o:siemens:somatom_go.sim_firmware:va30:-:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:somatom_go.sim_firmware:va40:-:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:somatom_go.sim:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:somatom_go.up_firmware:*:*:*:*:*:*:*:* 1 OR va30
cpe:2.3:o:siemens:somatom_go.up_firmware:va30:-:*:*:*:*:*:* 1 OR
cpe:2.3:o:siemens:somatom_go.up_firmware:va40:-:*:*:*:*:*:* 1 OR
cpe:2.3:h:siemens:somatom_go.up:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:symbia_e_firmware:*:*:*:*:*:*:*:* 1 OR vb22 vb22a-ud03
cpe:2.3:h:siemens:symbia_e:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:symbia_s_firmware:*:*:*:*:*:*:*:* 1 OR vb22 vb22a-ud03
cpe:2.3:h:siemens:symbia_s:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:symbia_evo_firmware:*:*:*:*:*:*:*:* 1 OR vb22 vb22a-ud03
cpe:2.3:h:siemens:symbia_evo:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:symbia_intevo_firmware:*:*:*:*:*:*:*:* 1 OR vb22 vb22a-ud03
cpe:2.3:h:siemens:symbia_intevo:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:siemens:symbia_t_firmware:*:*:*:*:*:*:*:* 1 OR vb22 vb22a-ud03
cpe:2.3:h:siemens:symbia_t:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:siemens:symbia.net:*:*:*:*:*:*:*:* 1 OR vb22 vb22a-ud03
AND
cpe:2.3:a:siemens:syngo.via:*:*:*:*:*:*:*:* 1 OR vb40 vb40b
cpe:2.3:a:siemens:syngo.via:*:*:*:*:*:*:*:* 1 OR vb60 vb60b
cpe:2.3:a:siemens:syngo.via:vb10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:siemens:syngo.via:vb20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:siemens:syngo.via:vb30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:siemens:syngo.via:vb40b:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:siemens:syngo.via:vb50:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:siemens:syngo.via:vb60b:-:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 9.3
  • Severity
  • HIGH
  • Exploitability Score
  • 8.6
  • Impact Score
  • 10
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 9.8
  • Base Severity
  • CRITICAL
  • Exploitability Score
  • 3.9
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-29875
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29875
History
Created Old Value New Value Data Type Notes
2022-06-01 11:00:05 Added to TrackCVE