Detections
Analytics

Siemens SCALANCE X-200 and X-200IRT Families Improper Neutralization of Input During Web Page Generation (CVE-2022-40631)

medium Tenable OT Security Plugin ID 500778

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X204IRT (All versions < V5.5.0), SCALANCE X204IRT PRO (All versions < V5.5.0), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < V5.5.0), SCALANCE XF202-2P IRT (All versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204-2 (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < V5.5.0), SCALANCE XF204IRT (All versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.0). There is a cross-site scripting vulnerability on the affected devices, that if used by a threat actor, it could result in session hijacking.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Siemens has released updates for the affected products and recommends users to update to the latest versions:

- SCALANCE X200-4P IRT (6GK5200-4AH00-2BA3): Update to V5.5.0 or later
- SCALANCE X201-3P IRT (6GK5201-3BH00-2BA3): Update to V5.5.0 or later
- SCALANCE X201-3P IRT PRO (6GK5201-3JR00-2BA6): Update to V5.5.0 or later
- SCALANCE X202-2IRT (6GK5202-2BB10-2BA3): Update to V5.5.0 or later
- SCALANCE X202-2P IRT (6GK5202-2BH00-2BA3): Update to V5.5.0 or later
- SCALANCE X202-2P IRT PRO (6GK5202-2JR00-2BA6): Update to V5.5.0 or later
- SCALANCE X204-2 (6GK5204-2BB10-2AA3): Update to V5.2.5 or later
- SCALANCE X204-2FM (6GK5204-2BB11-2AA3): Update to V5.2.5 or later
- SCALANCE X204-2LD (6GK5204-2BC10-2AA3): Update to V5.2.5 or later
- SCALANCE X204-2LD TS (6GK5204-2BC10-2CA2): Update to V5.2.5 or later
- SCALANCE X204-2TS (6GK5204-2BB10-2CA2): Update to V5.2.5 or later
- SCALANCE X204IRT (6GK5204-0BA00-2BA3): Update to V5.5.0 or later
- SCALANCE X204IRT PRO (6GK5204-0JA00-2BA6): Update to V5.5.0 or later
- SCALANCE X206-1 (6GK5206-1BB10-2AA3): Update to V5.2.5 or later
- SCALANCE X206-1LD (6GK5206-1BC10-2AA3): Update to V5.2.5 or later
- SCALANCE X208 (6GK5208-0BA10-2AA3): Update to V5.2.5 or later
- SCALANCE X208PRO (6GK5208-0HA10-2AA6): Update to V5.2.5 or later
- SCALANCE X212-2 (6GK5212-2BB00-2AA3): Update to V5.2.5 or later
- SCALANCE X212-2LD (6GK5212-2BC00-2AA3): Update to V5.2.5 or later
- SCALANCE X216 (6GK5216-0BA00-2AA3): Update to V5.2.5 or later
- SCALANCE X224 (6GK5224-0BA00-2AA3): Update to V5.2.5 or later
- SCALANCE XF201-3P IRT (6GK5201-3BH00-2BD2): Update to V5.5.0 or later
- SCALANCE XF202-2P IRT (6GK5202-2BH00-2BD2): Update to V5.5.0 or later
- SCALANCE XF204 (6GK5204-0BA00-2AF2): Update to V5.2.5 or later
- SCALANCE XF204-2 (6GK5204-2BC00-2AF2): Update to V5.2.5 or later
- SCALANCE XF204-2BA IRT (6GK5204-2AA00-2BD2): Update to V5.5.0 or later
- SCALANCE XF204IRT (6GK5204-0BA00-2BF2): Update to V5.5.0 or later
- SCALANCE XF206-1 (6GK5206-1BC00-2AF2): Update to V5.2.5 or later
- SCALANCE XF208 (6GK5208-0BA00-2AF2): Update to V5.2.5 or later
- SIPLUS NET SCALANCE X202-2P IRT (6AG1202-2BH00-2BA3): Update to V5.5.0 or later

As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for industrial security and following recommendations in the product manuals.

Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage

For more information, see Siemens Security Advisory SSA-501891 in HTML or CSAF formats.

See Also

https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf

https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-15

Plugin Details

Severity: Medium

ID: 500778

Version: 1.8

Type: remote

Family: Tenable.ot

Published: 1/25/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2022-40631

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:scalance_x204-2ld_ts_firmware, cpe:/o:siemens:scalance_x224_firmware, cpe:/o:siemens:scalance_xf204-2ba_irt_firmware, cpe:/o:siemens:scalance_x206-1_firmware, cpe:/o:siemens:scalance_xf206-1_firmware, cpe:/o:siemens:scalance_x204-2ts_firmware, cpe:/o:siemens:scalance_x204irt_firmware, cpe:/o:siemens:scalance_x206-1ld_firmware, cpe:/o:siemens:scalance_xf204irt_firmware, cpe:/o:siemens:scalance_x204-2_firmware, cpe:/o:siemens:scalance_x204-2ld_firmware, cpe:/o:siemens:scalance_x204-2fm_firmware, cpe:/o:siemens:scalance_x201-3p_irt_pro_firmware, cpe:/o:siemens:scalance_xf201-3p_irt_firmware, cpe:/o:siemens:scalance_x208_firmware, cpe:/o:siemens:scalance_x201-3p_irt_firmware, cpe:/o:siemens:scalance_xf204-2_firmware, cpe:/o:siemens:scalance_x202-2p_irt_pro_firmware, cpe:/o:siemens:siplus_net_scalance_x202-2p_irt_firmware, cpe:/o:siemens:scalance_x200-4p_irt_firmware, cpe:/o:siemens:scalance_x212-2ld_firmware, cpe:/o:siemens:scalance_x212-2_firmware, cpe:/o:siemens:scalance_x202-2p_irt_firmware, cpe:/o:siemens:scalance_x208pro_firmware, cpe:/o:siemens:scalance_xf208_firmware, cpe:/o:siemens:scalance_x204irt_pro_firmware, cpe:/o:siemens:scalance_x202-2irt_firmware, cpe:/o:siemens:scalance_xf204_firmware, cpe:/o:siemens:scalance_x216_firmware, cpe:/o:siemens:scalance_xf202-2p_irt_firmware

Required KB Items: Tenable.ot/Siemens

Exploit Ease: No known exploits are available

Patch Publication Date: 10/11/2022

Vulnerability Publication Date: 10/11/2022

Reference Information

CVE: CVE-2022-40631

CWE: 79

ICSA: 22-286-15