CVE-2022-24408 - OpenCVE

A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to root.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Sinumerik Mc Sinumerik Mc Firmware Sinumerik One Sinumerik One Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:siemens:sinumerik_mc_firmware::::::::
	cpe:2.3:o:siemens:sinumerik_mc_firmware:1.15:-::::::

cpe:2.3:h:siemens:sinumerik_mc:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:siemens:sinumerik_one_firmware::::::::
	cpe:2.3:o:siemens:sinumerik_one_firmware:6.15:-::::::

cpe:2.3:h:siemens:sinumerik_one:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-337210.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2022-03-08T11:31:30

Updated: 2024-08-03T04:13:55.644Z

Reserved: 2022-02-04T00:00:00

Link: CVE-2022-24408

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-03-08T12:15:11.627

Modified: 2022-03-11T18:50:31.930

Link: CVE-2022-24408

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SINUMERIK MC", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V1.15 SP1"}]}, {"product": "SINUMERIK ONE", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V6.15 SP1"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to root."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-08T11:31:30", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337210.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2022-24408", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SINUMERIK MC", "version": {"version_data": [{"version_value": "All versions < V1.15 SP1"}]}}, {"product_name": "SINUMERIK ONE", "version": {"version_data": [{"version_value": "All versions < V6.15 SP1"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to root."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-269: Improper Privilege Management"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-337210.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337210.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:13:55.644Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337210.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2022-24408", "datePublished": "2022-03-08T11:31:30", "dateReserved": "2022-02-04T00:00:00", "dateUpdated": "2024-08-03T04:13:55.644Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinumerik_mc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA3311CC-3C2B-4E9C-B972-2F76BA8694C0", "versionEndExcluding": "1.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:siemens:sinumerik_mc_firmware:1.15:-:*:*:*:*:*:*", "matchCriteriaId": "26E27721-C049-49AC-BBF8-F2C0366BB004", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinumerik_mc:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A86979B-71A2-49E6-BFBC-E12FBBE60EEA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:sinumerik_one_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "03215CCE-3A62-4C3B-8D29-22C0DE5CEC0E", "versionEndExcluding": "6.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:siemens:sinumerik_one_firmware:6.15:-:*:*:*:*:*:*", "matchCriteriaId": "64F97D32-42DC-4555-A296-E87A73640D77", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:sinumerik_one:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE30FFDF-5494-400D-8F88-954A6B1503B9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SINUMERIK MC (All versions < V1.15 SP1), SINUMERIK ONE (All versions < V6.15 SP1). The sc SUID binary on affected devices provides several commands that are used to execute system commands or modify system files. A specific set of operations using sc could allow local attackers to escalate their privileges to root."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SINUMERIK MC (Todas las versiones anteriores a la versi\u00f3n V1.15 SP1), SINUMERIK ONE (Todas las versiones anteriores a la versi\u00f3n V6.15 SP1). El binario sc SUID en los dispositivos afectados proporciona varios comandos que se utilizan para ejecutar comandos del sistema o modificar archivos del sistema. Un conjunto espec\u00edfico de operaciones utilizando sc podr\u00eda permitir a los atacantes locales escalar sus privilegios a root"}], "id": "CVE-2022-24408", "lastModified": "2022-03-11T18:50:31.930", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-08T12:15:11.627", "references": [{"source": "productcert@siemens.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-337210.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "productcert@siemens.com", "type": "Secondary"}]}