CVE-2022-29875

{"id": "CVE-2022-29875", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-06-01T10:15:08.197", "references": [{"url": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016", "tags": ["Mitigation", "Vendor Advisory"], "source": "productcert@siemens.com"}, {"url": "https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016", "tags": ["Mitigation", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-502"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), SOMATOM X.cite (All versions < VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions < VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions < VB22A-UD03), Symbia Evo (All VB22 versions < VB22A-UD03), Symbia Intevo (All VB22 versions < VB22A-UD03), Symbia T (All VB22 versions < VB22A-UD03), Symbia.net (All VB22 versions < VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions < VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions < VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en los sistemas Biograph Horizon PET/CT (todas las versiones VJ30 anteriores a VJ30C-UD01), la familia MAGNETOM (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (todas las versiones VC20 anteriores a VC20D), NAEOTOM Alpha (todas las versiones VA40 anteriores a VA40 SP2), SOMATOM X. cite (Todas las versiones anteriores a VA30 SP5 o VA40 SP2), SOMATOM X.creed (Todas las versiones anteriores a VA30 SP5 o VA40 SP2), SOMATOM go.All (Todas las versiones anteriores a VA30 SP5 o VA40 SP2), SOMATOM go.Now (Todas las versiones anteriores a VA30 SP5 o VA40 SP2), SOMATOM go.Open Pro (Todas las versiones anteriores a VA30 SP5 o VA40 SP2), SOMATOM go. Sim (Todas las versiones anteriores a VA30 SP5 o VA40 SP2), SOMATOM go.Top (Todas las versiones anteriores a VA30 SP5 o VA40 SP2), SOMATOM go. Up (Todas las versiones anteriores a VA30 SP5 o VA40 SP2), Symbia E/S (Todas las versiones VB22 anteriores a VB22A-UD03), Symbia Evo (Todas las versiones VB22 anteriores a VB22A-UD03), Symbia Intevo (Todas las versiones VB22 anteriores a VB22A-UD03), Symbia T (Todas las versiones VB22 anteriores a VB22A-UD03), Symbia. net (Todas las versiones VB22 anteriores a VB22A-UD03), syngo.via VB10 (Todas las versiones), syngo.via VB20 (Todas las versiones), syngo.via VB30 (Todas las versiones), syngo.via VB40 (Todas las versiones anteriores a VB40B HF06), syngo.via VB50 (Todas las versiones), syngo.via VB60 (Todas las versiones anteriores a VB60B HF02). La aplicaci\u00f3n deserializa datos no confiables sin suficientes comprobaciones, lo que podr\u00eda resultar en una deserializaci\u00f3n arbitraria. Esto podr\u00eda permitir a un atacante no autenticado ejecutar c\u00f3digo en el sistema afectado si los puertos 32912/tcp o 32914/tcp son alcanzables"}], "lastModified": "2024-11-21T06:59:52.537", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:biograph_horizon_pet\\/ct_systems_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F27370D-C680-4962-98E0-26B73BF68835", "versionEndExcluding": "vj30c-ud01", "versionStartIncluding": "vj30"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:biograph_horizon_pet\\/ct_systems:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "67E12730-E162-4EB1-823F-ED32390F2985"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va10b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11DD14BC-D734-4107-90F8-9E065200B385"}, {"criteria": "cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va12m:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71CB0F52-0B27-4249-AB10-C144DA10B4B2"}, {"criteria": "cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va12s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8947F537-AF6C-4C4A-8F0D-B77021F9E68A"}, {"criteria": "cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va20a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2999C4D0-4DA1-4935-A7CF-8A9E6FD701A5"}, {"criteria": "cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va30a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1729042A-ACFC-4F57-BF7A-1C65640F1B69"}, {"criteria": "cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va31a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2E75225-D1BA-4D1B-AA3B-6EE9BCD8999B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:magnetom_numaris_x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "96E21BDE-7201-4C2D-BD2D-E4BB99CB5650"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:mammomat_revelation_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "333F8BB6-BCD4-406E-A597-220F334C5E3A", "versionEndExcluding": "vc20d", "versionStartIncluding": "vc20"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:mammomat_revelation:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9CD931BD-95B8-4F60-9BC6-5C18EE17A492"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:naeotom_alpha_firmware:va40:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93E31753-21F6-40AD-92F8-2088200A761F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:naeotom_alpha:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8C3D642-2AE4-411D-BC1C-4A934AA48C2F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:somatom_x.cite_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "735363E0-944D-462A-91AA-4704FCE64CF8", "versionEndExcluding": "va30"}, {"criteria": "cpe:2.3:o:siemens:somatom_x.cite_firmware:va30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A6BB9B4-545F-4F95-9DDF-13DB45743087"}, {"criteria": "cpe:2.3:o:siemens:somatom_x.cite_firmware:va40:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0527C89B-83CA-4246-8D64-EA473896952F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:somatom_x.cite:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C3C367EC-BC49-423D-933B-9DC048F7E78A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:somatom_x.creed_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73FB1566-BFBE-499B-95F1-4487EEF39B29", "versionEndExcluding": "va30"}, {"criteria": "cpe:2.3:o:siemens:somatom_x.creed_firmware:va30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A07B2EBF-6088-42FE-BA9D-ED9081F7DE59"}, {"criteria": "cpe:2.3:o:siemens:somatom_x.creed_firmware:va40:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D203CB63-2B3B-4BD4-BAAA-8E3F6666058F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:somatom_x.creed:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A41CF532-3BA4-4C1F-AA78-D2F980269D76"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:somatom_go.all_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "328E32A0-325F-4E45-92AD-2D260FE05395", "versionEndExcluding": "va30"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.all_firmware:va30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BD3C0CD-E5AB-4C4F-9051-78CDF6A2FBFE"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.all_firmware:va40:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B28D986B-38EC-4E24-B93B-EA366F41DC00"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:somatom_go.all:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5DBAA30D-8DC7-447B-9652-41DF91F1492F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:somatom_go.now_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34A4BA0F-96D7-492A-A5E1-AE8F32BA0D35", "versionEndExcluding": "va30"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.now_firmware:va30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D978838-E6E0-4165-9654-86A21EBB0B62"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.now_firmware:va40:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE59DDD8-85E1-4F81-9F37-74DE10457FBC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:somatom_go.now:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7546A052-9C3E-4633-BD80-FF6184C2F32B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:somatom_go.open_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B228177-4BBA-4487-831A-47538FD649AB", "versionEndExcluding": "va30"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.open_pro_firmware:va30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0331A134-AA24-4EE5-86E6-9CAF7647BC91"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.open_pro_firmware:va40:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5525AF01-B51A-4911-BFD6-98092AE95D5B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:somatom_go.open_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "111A83AD-94F0-40C1-BECA-08E00D611843"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:somatom_go.sim_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E333993-B218-42FD-9D5F-D0ECEB9D76E8", "versionEndExcluding": "va30"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.sim_firmware:va30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54C1D98B-4273-4284-BC99-8A905B5A8509"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.sim_firmware:va40:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63C56A23-976F-4A97-82C8-CAEDFD37BE32"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:somatom_go.sim:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5AE10779-276C-4051-A128-3A009F4143F7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:somatom_go.up_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "951B855E-0D86-4D21-B1E6-35404828EC63", "versionEndExcluding": "va30"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.up_firmware:va30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18C0CA67-79D4-41D4-9669-E36766BE07EB"}, {"criteria": "cpe:2.3:o:siemens:somatom_go.up_firmware:va40:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85809BBF-667A-4847-B09E-8BBFB3664467"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:somatom_go.up:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E0A687DA-B4C4-49CF-BC9A-8D002646A1DF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:symbia_e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BD95A1D-DA8B-4955-98B4-54E84346D04B", "versionEndExcluding": "vb22a-ud03", "versionStartIncluding": "vb22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:symbia_e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8346C32-3CF9-4D67-AB01-421DA9715131"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:symbia_s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99D8FD3E-CE88-4608-BE5F-19B1D45D213A", "versionEndExcluding": "vb22a-ud03", "versionStartIncluding": "vb22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:symbia_s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1396FD8-B019-4FBD-9196-7177916B9982"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:symbia_evo_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24079DE0-17B4-4B00-B983-6F66A66B85C0", "versionEndExcluding": "vb22a-ud03", "versionStartIncluding": "vb22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:symbia_evo:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "97C7E3B6-678A-4F8E-91E0-DD9A416CCF6E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:symbia_intevo_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A4183D3-72FC-4638-B39F-517F23147460", "versionEndExcluding": "vb22a-ud03", "versionStartIncluding": "vb22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:symbia_intevo:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "65CDCBF5-AA64-4192-ACBC-5C72B8CDE92F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:symbia_t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "425B31A9-61FD-4888-9602-2D1BDDC6F141", "versionEndExcluding": "vb22a-ud03", "versionStartIncluding": "vb22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:symbia_t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8029BBD1-26AC-46A7-9739-93B7D69DAD17"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:symbia.net:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3BCDD49-2215-4E9A-9340-48ED0152BC48", "versionEndIncluding": "vb22a-ud03", "versionStartIncluding": "vb22"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:syngo.via:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF5B8334-DD9B-4094-88E6-18F26584E204", "versionEndExcluding": "vb40b", "versionStartIncluding": "vb40"}, {"criteria": "cpe:2.3:a:siemens:syngo.via:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA1C328A-298E-43C4-A446-87DC4C2628D3", "versionEndExcluding": "vb60b", "versionStartIncluding": "vb60"}, {"criteria": "cpe:2.3:a:siemens:syngo.via:vb10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3024E14-7F2D-437F-ABAF-8DC75D3CBEC2"}, {"criteria": "cpe:2.3:a:siemens:syngo.via:vb20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC558658-5A6F-4397-9A84-62485C9C453F"}, {"criteria": "cpe:2.3:a:siemens:syngo.via:vb30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F3F610A-254D-4BEF-B8DA-C64E66630D1D"}, {"criteria": "cpe:2.3:a:siemens:syngo.via:vb40b:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FF5765F-D91F-4D2C-BB5C-709A4F7DE5A6"}, {"criteria": "cpe:2.3:a:siemens:syngo.via:vb50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E9AB3F5-75FE-4541-877F-FA5AFF24901C"}, {"criteria": "cpe:2.3:a:siemens:syngo.via:vb60b:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1204CB31-5663-4F4A-B544-F8592304E1B9"}], "operator": "OR"}]}], "sourceIdentifier": "productcert@siemens.com"}