CVE-2022-34820

HIGH | CVSS 8.4/10 | EPSS 1.65%

CVE-2022-34820 is a high-severity vulnerability rated 8.4/10 on the CVSS scale. A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application does not correctly escape some user provided fields during the authentication process. EPSS estimates a 1.65% chance of exploitation in the next 30 days.

Description

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges.

Metrics

CVSS 3.1
8.4/10

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS Probability
1.65%

73.5th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor | Product | Versions
Siemens | Simatic Cp 1242-7 V2 Firmware | < 3.3.46
Siemens | Simatic Cp 1243-1 Firmware | < 3.3.46
Siemens | Simatic Cp 1243-7 Lte Eu Firmware | < 3.3.46
Siemens | Simatic Cp 1243-7 Lte Us Firmware | < 3.3.46
Siemens | Simatic Cp 1243-8 Irc Firmware | < 3.3.46
Siemens | Simatic Cp 1542sp-1 Irc Firmware | >= 2.0, < 2.2.28
Siemens | Simatic Cp 1543-1 Firmware | < 3.0.22
Siemens | Simatic Cp 1543sp-1 Firmware | >= 2.0, < 2.2.28
Siemens | Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail Firmware | >= 2.0, < 2.2.28
Siemens | Siplus Et 200sp Cp 1543sp-1 Isec Firmware | >= 2.0, < 2.2.28
Siemens | Siplus Et 200sp Cp 1543sp-1 Isec Tx Rail Firmware | >= 2.0, < 2.2.28
Siemens | Siplus Net Cp 1242-7 V2 Firmware | < 3.3.46
Siemens | Siplus Net Cp 1543-1 Firmware | < 3.0.22
Siemens | Siplus S7-1200 Cp 1243-1 Firmware | < 3.3.46
Siemens | Siplus S7-1200 Cp 1243-1 Rail Firmware | < 3.3.46

References

Timeline

Published
Last Modified
Status: Modified

Frequently Asked Questions

What is CVE-2022-34820?
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges.
How severe is CVE-2022-34820?
CVE-2022-34820 has a CVSS score of 8.4/10 (HIGH severity). The EPSS model estimates a 1.65% probability of exploitation in the next 30 days.
How do I fix CVE-2022-34820?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST