CVE-2022-29875

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-29875
A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), SOMATOM X.cite (All versions < VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions < VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions < VB22A-UD03), Symbia Evo (All VB22 versions < VB22A-UD03), Symbia Intevo (All VB22 versions < VB22A-UD03), Symbia T (All VB22 versions < VB22A-UD03), Symbia.net (All VB22 versions < VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions < VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions < VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable.

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016 Mitigation Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:biograph_horizon_pet\/ct_systems_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:biograph_horizon_pet\/ct_systems:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va10b:*:*:*:*:*:*:*
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va12m:*:*:*:*:*:*:*
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va12s:*:*:*:*:*:*:*
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va20a:*:*:*:*:*:*:*
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va30a:*:*:*:*:*:*:*
cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va31a:*:*:*:*:*:*:*
cpe:2.3:h:siemens:magnetom_numaris_x:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:mammomat_revelation_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:mammomat_revelation:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:naeotom_alpha_firmware:va40:-:*:*:*:*:*:*
cpe:2.3:h:siemens:naeotom_alpha:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
OR cpe:2.3:o:siemens:somatom_x.cite_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_x.cite_firmware:va30:-:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_x.cite_firmware:va40:-:*:*:*:*:*:*
cpe:2.3:h:siemens:somatom_x.cite:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
OR cpe:2.3:o:siemens:somatom_x.creed_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_x.creed_firmware:va30:-:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_x.creed_firmware:va40:-:*:*:*:*:*:*
cpe:2.3:h:siemens:somatom_x.creed:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:o:siemens:somatom_go.all_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.all_firmware:va30:-:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.all_firmware:va40:-:*:*:*:*:*:*
cpe:2.3:h:siemens:somatom_go.all:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
OR cpe:2.3:o:siemens:somatom_go.now_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.now_firmware:va30:-:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.now_firmware:va40:-:*:*:*:*:*:*
cpe:2.3:h:siemens:somatom_go.now:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
OR cpe:2.3:o:siemens:somatom_go.open_pro_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.open_pro_firmware:va30:-:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.open_pro_firmware:va40:-:*:*:*:*:*:*
cpe:2.3:h:siemens:somatom_go.open_pro:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
OR cpe:2.3:o:siemens:somatom_go.sim_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.sim_firmware:va30:-:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.sim_firmware:va40:-:*:*:*:*:*:*
cpe:2.3:h:siemens:somatom_go.sim:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
OR cpe:2.3:o:siemens:somatom_go.up_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.up_firmware:va30:-:*:*:*:*:*:*
cpe:2.3:o:siemens:somatom_go.up_firmware:va40:-:*:*:*:*:*:*
cpe:2.3:h:siemens:somatom_go.up:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:symbia_e_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:symbia_e:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:symbia_s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:symbia_s:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:siemens:symbia_evo_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:symbia_evo:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:siemens:symbia_intevo_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:symbia_intevo:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:siemens:symbia_t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:symbia_t:-:*:*:*:*:*:*:*

Configuration 17 (hide)

cpe:2.3:a:siemens:symbia.net:*:*:*:*:*:*:*:*

Configuration 18 (hide)

OR cpe:2.3:a:siemens:syngo.via:vb10:*:*:*:*:*:*:*
cpe:2.3:a:siemens:syngo.via:vb20:*:*:*:*:*:*:*
cpe:2.3:a:siemens:syngo.via:vb30:*:*:*:*:*:*:*
cpe:2.3:a:siemens:syngo.via:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:syngo.via:vb40b:-:*:*:*:*:*:*
cpe:2.3:a:siemens:syngo.via:vb60b:-:*:*:*:*:*:*
cpe:2.3:a:siemens:syngo.via:vb50:*:*:*:*:*:*:*
cpe:2.3:a:siemens:syngo.via:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2022-06-01 10:15

Updated : 2022-06-11 00:45

NVD link : CVE-2022-29875

Mitre link : CVE-2022-29875

JSON object : View

Products Affected

siemens

  • symbia_t_firmware
  • symbia_s_firmware
  • somatom_x.cite
  • symbia_s
  • somatom_go.open_pro_firmware
  • magnetom_numaris_x_firmware
  • somatom_x.creed
  • somatom_go.up_firmware
  • naeotom_alpha_firmware
  • mammomat_revelation_firmware
  • somatom_x.creed_firmware
  • biograph_horizon_pet\/ct_systems
  • symbia_evo
  • symbia_intevo
  • somatom_go.all_firmware
  • naeotom_alpha
  • symbia_e_firmware
  • symbia_intevo_firmware
  • symbia.net
  • symbia_e
  • somatom_go.now_firmware
  • somatom_go.up
  • mammomat_revelation
  • syngo.via
  • somatom_x.cite_firmware
  • magnetom_numaris_x
  • symbia_evo_firmware
  • symbia_t
  • somatom_go.sim_firmware
  • somatom_go.all
  • somatom_go.now
  • biograph_horizon_pet\/ct_systems_firmware
  • somatom_go.sim
  • somatom_go.open_pro
CWE
CWE-502

Deserialization of Untrusted Data