Detections
Analytics
Siemens SICAM P850 and P855 Devices Session Fixation (CVE-2022-40226)
high Tenable OT Security Plugin ID 501121
Synopsis
The remote OT asset is affected by a vulnerability.Description
A vulnerability has been identified in SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices accept user defined session cookies and do not renew the session cookie after login/logout. This could allow an attacker to take over another user's session after login.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.Siemens has released updates for the affected products and recommends updating to the latest versions:
- SICAM P850 devices: Update to v3.10 or later
- SICAM P855 devices: Update to v3.10 or later
Siemens has identified the following specific workarounds and mitigations users can apply to reduce risk:
- Avoid accessing links from untrusted sources while logged in to SICAM P850 or SICAM P855 devices
Siemens recommends operators check for appropriate resilient protection measures; the risk of cyber incidents impacting the grid's reliability can be minimized by virtue of the grid design.
Siemens strongly recommends applying the provided security updates using the corresponding tooling and documented procedures made available with the product. If supported by the product, an automated application of security updates across multiple product instances may be used. Siemens strongly recommends users to validate any security update before application; Siemens recommends the update process be supervised by trained staff in the target environment.
As a general security measure, Siemens strongly recommends protecting network access with appropriate mechanisms, such as firewalls, network segmentation, or use of virtual private networks (VPNs). It is advised to configure the environment according to Siemens’ operational guidelines to run the devices in a protected IT environment.
For additional resources, users should review Siemens’ security guidelines.
For more information, see Siemens Security Advisory SSA-572005 in HTML or CSAF.
See Also
https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-09
Plugin Details
Severity: High
ID: 501121
Version: 1.4
Type: remote
Family: Tenable.ot
Published: 5/9/2023
Updated: 3/4/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 5.2
CVSS v2
Risk Factor: High
Base Score: 8.5
Temporal Score: 6.3
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N
CVSS Score Source: CVE-2022-40226
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.1
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:siemens:7kg8500-0aa00-0aa0_firmware, cpe:/o:siemens:7kg8500-0aa00-2aa0_firmware, cpe:/o:siemens:7kg8500-0aa10-0aa0_firmware, cpe:/o:siemens:7kg8500-0aa10-2aa0_firmware, cpe:/o:siemens:7kg8500-0aa30-0aa0_firmware, cpe:/o:siemens:7kg8500-0aa30-2aa0_firmware, cpe:/o:siemens:7kg8501-0aa01-0aa0_firmware, cpe:/o:siemens:7kg8501-0aa01-2aa0_firmware, cpe:/o:siemens:7kg8501-0aa02-0aa0_firmware, cpe:/o:siemens:7kg8501-0aa02-2aa0_firmware, cpe:/o:siemens:7kg8501-0aa11-0aa0_firmware, cpe:/o:siemens:7kg8501-0aa11-2aa0_firmware, cpe:/o:siemens:7kg8501-0aa12-0aa0_firmware, cpe:/o:siemens:7kg8501-0aa12-2aa0_firmware, cpe:/o:siemens:7kg8501-0aa31-0aa0_firmware, cpe:/o:siemens:7kg8501-0aa31-2aa0_firmware, cpe:/o:siemens:7kg8501-0aa32-0aa0_firmware, cpe:/o:siemens:7kg8501-0aa32-2aa0_firmware, cpe:/o:siemens:7kg8550-0aa00-0aa0_firmware, cpe:/o:siemens:7kg8550-0aa00-2aa0_firmware, cpe:/o:siemens:7kg8550-0aa10-0aa0_firmware, cpe:/o:siemens:7kg8550-0aa10-2aa0_firmware, cpe:/o:siemens:7kg8550-0aa30-0aa0_firmware, cpe:/o:siemens:7kg8550-0aa30-2aa0_firmware, cpe:/o:siemens:7kg8551-0aa01-0aa0_firmware, cpe:/o:siemens:7kg8551-0aa01-2aa0_firmware, cpe:/o:siemens:7kg8551-0aa02-0aa0_firmware, cpe:/o:siemens:7kg8551-0aa02-2aa0_firmware, cpe:/o:siemens:7kg8551-0aa11-0aa0_firmware, cpe:/o:siemens:7kg8551-0aa11-2aa0_firmware, cpe:/o:siemens:7kg8551-0aa12-0aa0_firmware, cpe:/o:siemens:7kg8551-0aa12-2aa0_firmware, cpe:/o:siemens:7kg8551-0aa31-0aa0_firmware, cpe:/o:siemens:7kg8551-0aa31-2aa0_firmware, cpe:/o:siemens:7kg8551-0aa32-0aa0_firmware, cpe:/o:siemens:7kg8551-0aa32-2aa0_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 10/11/2022
Vulnerability Publication Date: 10/11/2022
Reference Information
CVE: CVE-2022-40226
CWE: 384