CVE-2022-32257

EUVD-2022-53454
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
siemensCNA
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
siemenssinema_remote_connect_server
𝑥
< 3.2
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
siemenssinema_remote_connect_server
𝑥
< 3.2
ADP
siemenssinema_remote_connect
𝑥
< 3.2
CNA
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/html/ssa-576771.html
https://cert-portal.siemens.com/productcert/html/ssa-576771.html