VYPR
Unrated severity · NVD Advisory · Published May 10, 2022 · Updated Dec 9, 2025

CVE-2022-29873

Description

A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An unauthenticated attacker can cause a denial of service or execute arbitrary code by sending specially crafted GET/POST requests to SICAM T devices before version 3.0.

Vulnerability

An improper parameter validation vulnerability exists in the web interface of SICAM T devices on all versions prior to V3.0 [1][2]. The affected devices do not properly validate parameters of certain GET and POST requests, which can be exploited without authentication [1].

Exploitation

An unauthenticated attacker with network access to the affected device can send specially crafted GET or POST requests to the web interface [2]. No prior authentication or user interaction is required. The attacker can manipulate parameters to trigger the vulnerability, potentially setting the device to a denial of service state or controlling the program counter to execute arbitrary code [1].

Impact

Successful exploitation can result in denial of service (compromising availability) or arbitrary code execution with full control over the device, potentially allowing the attacker to compromise confidentiality, integrity, and availability of the device and its data [1][2]. The CVSS v3.1 base score for this vulnerability is 9.9, indicating critical severity [2].

Mitigation

Siemens has released version V3.00 for SICAM T as the fixed version [2]. Users must update to V3.00 or later to remediate the vulnerability. As workarounds, Siemens recommends restricting access to port 443/tcp to trusted IP addresses only and avoiding accessing links from untrusted sources while logged in to SICAM T [2]. The vulnerability is not yet listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
