Vulnerabilities > CVE-2022-29875 - Deserialization of Untrusted Data vulnerability in Siemens products

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

siemens

CWE-502

critical

NVD

Published: 2022-06-01

Updated: 2022-06-11

Summary

A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), SOMATOM X.cite (All versions < VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions < VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions < VB22A-UD03), Symbia Evo (All VB22 versions < VB22A-UD03), Symbia Intevo (All VB22 versions < VB22A-UD03), Symbia T (All VB22 versions < VB22A-UD03), Symbia.net (All VB22 versions < VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions < VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions < VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens Biograph Horizon Pet/Ct Systems Firmware * Siemens Magnetom Numaris X Firmware Va12M Siemens Magnetom Numaris X Firmware Va12S Siemens Magnetom Numaris X Firmware Va10B Siemens Magnetom Numaris X Firmware Va20A Siemens Magnetom Numaris X Firmware Va30A Siemens Magnetom Numaris X Firmware Va31A Siemens Mammomat Revelation Firmware * Siemens Naeotom Alpha Firmware Va40 Siemens Somatom X.Cite Firmware * Siemens Somatom X.Cite Firmware Va30 Siemens Somatom X.Cite Firmware Va40 Siemens Somatom X.Creed Firmware * Siemens Somatom X.Creed Firmware Va30 Siemens Somatom X.Creed Firmware Va40 Siemens Somatom Go.All Firmware * Siemens Somatom Go.All Firmware Va30 Siemens Somatom Go.All Firmware Va40 Siemens Somatom Go.Now Firmware * Siemens Somatom Go.Now Firmware Va30 Siemens Somatom Go.Now Firmware Va40 Siemens Somatom Go.Open PRO Firmware * Siemens Somatom Go.Open PRO Firmware Va30 Siemens Somatom Go.Open PRO Firmware Va40 Siemens Somatom Go.Sim Firmware * Siemens Somatom Go.Sim Firmware Va30 Siemens Somatom Go.Sim Firmware Va40 Siemens Somatom Go.Up Firmware * Siemens Somatom Go.Up Firmware Va30 Siemens Somatom Go.Up Firmware Va40 Siemens Symbia E Firmware * Siemens Symbia S Firmware * Siemens Symbia EVO Firmware * Siemens Symbia Intevo Firmware * Siemens Symbia T Firmware *	35
Hardware	Siemens Siemens Biograph Horizon Pet/Ct Systems - Siemens Magnetom Numaris X - Siemens Mammomat Revelation - Siemens Naeotom Alpha - Siemens Somatom X.Cite - Siemens Somatom X.Creed - Siemens Somatom Go.All - Siemens Somatom Go.Now - Siemens Somatom Go.Open PRO - Siemens Somatom Go.Sim - Siemens Somatom Go.Up - Siemens Symbia E - Siemens Symbia S - Siemens Symbia EVO - Siemens Symbia Intevo - Siemens Symbia T -	16
Application	Siemens Siemens Symbia.Net * Siemens Syngo.Via Vb10 Siemens Syngo.Via Vb20 Siemens Syngo.Via Vb30 Siemens Syngo.Via * Siemens Syngo.Via Vb40B Siemens Syngo.Via Vb60B Siemens Syngo.Via Vb50	8

Common Weakness Enumeration (CWE)

CWE-502 - Deserialization of Untrusted Data

References

https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016