CVE-2022-33139

EPSS 1.2% | CWE-603
In short

Some versions of Cerberus DMS, Desigo CC, and SIMATIC WinCC OA rely only on client-side authentication when stronger security options are disabled, allowing attackers to impersonate users or bypass authentication entirely.

Technical detail

CWE-603: Use of Client-Side Only Authentication. When server-side authentication (SSA) and Kerberos are disabled, the affected applications authenticate users solely on the client, enabling attackers to forge authentication credentials or manipulate the client-server protocol to assume arbitrary user identities without valid credentials.

Summary generated and translated by AI from the official description.
A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.
