Multiple Vulnerabilities in SINEC INS before V1.0 SP2 Update 1

Act Now9.9SSA-332410Jan 10, 2023

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

SINEC INS versions before V1.0 SP2 Update 1 contain multiple vulnerabilities including arbitrary file read/write and command execution issues. These vulnerabilities also include weaknesses in third-party components. An attacker with valid credentials and network access could exploit these issues to compromise the SINEC INS device and potentially the industrial network it manages.

What this means

What could happen

An attacker with network access and valid credentials could read and write arbitrary files on the SINEC INS server and execute commands, potentially compromising the security of your industrial network management and all connected devices it monitors.

Who's at risk

Water and electric utilities, industrial plants, and any organization using Siemens SINEC INS for industrial network management and monitoring. This software is typically deployed on engineering workstations or dedicated servers that provide visibility and control across your OT infrastructure.

How it could be exploited

An attacker with valid credentials would connect to the SINEC INS device over the network. Through file system vulnerabilities (arbitrary read/write), they could modify system files or upload malicious code. Once code execution is achieved, the attacker gains full control of the SINEC INS device, which manages and monitors your industrial network infrastructure.

Prerequisites

Network access to SINEC INS (port and protocol vary by deployment)
Valid user credentials for SINEC INS authentication
Knowledge of file paths or web endpoints to exploit

Remotely exploitableRequires valid credentialsHigh EPSS score (89.6%)Arbitrary file read/write capabilityRemote code execution possibleAffects network management systems

Exploitability

High exploit probability (EPSS 89.6%)

Affected products (1)

ProductAffected VersionsFix Status

SINEC INS< V1.0 SP2 Update 11.0 SP2 Update 1

Remediation & Mitigation

0/1

Do now

0/1

HOTFIXUpdate SINEC INS to version 1.0 SP2 Update 1 or later

CVEs (12)

CVE-2022-2068 CVE-2022-2097 CVE-2022-2274 CVE-2022-32212 CVE-2022-32213 CVE-2022-32215 CVE-2022-32222 CVE-2022-35255 CVE-2022-35256 CVE-2022-45092 CVE-2022-45093 CVE-2022-45094

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/808416da-7fb1-4828-a123-a57ea129d4b8