Vulnerability Details : CVE-2022-29875
A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), SOMATOM X.cite (All versions < VA30 SP5 or VA40 SP2), SOMATOM X.creed (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.All (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Now (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Open Pro (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Sim (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Top (All versions < VA30 SP5 or VA40 SP2), SOMATOM go.Up (All versions < VA30 SP5 or VA40 SP2), Symbia E/S (All VB22 versions < VB22A-UD03), Symbia Evo (All VB22 versions < VB22A-UD03), Symbia Intevo (All VB22 versions < VB22A-UD03), Symbia T (All VB22 versions < VB22A-UD03), Symbia.net (All VB22 versions < VB22A-UD03), syngo.via VB10 (All versions), syngo.via VB20 (All versions), syngo.via VB30 (All versions), syngo.via VB40 (All versions < VB40B HF06), syngo.via VB50 (All versions), syngo.via VB60 (All versions < VB60B HF02). The application deserialises untrusted data without sufficient validations that could result in an arbitrary deserialization. This could allow an unauthenticated attacker to execute code in the affected system if ports 32912/tcp or 32914/tcp are reachable.
Vulnerability category: Execute code
Products affected by CVE-2022-29875
- Siemens » Biograph Horizon Pet/ct Systems FirmwareVersions from including (>=) vj30 and before (<) vj30c-ud01cpe:2.3:o:siemens:biograph_horizon_pet\/ct_systems_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va12m:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va12s:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va10b:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va20a:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va30a:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:magnetom_numaris_x_firmware:va31a:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:mammomat_revelation_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:naeotom_alpha_firmware:va40:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_x.cite_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_x.cite_firmware:va30:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_x.cite_firmware:va40:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_x.creed_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_x.creed_firmware:va30:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_x.creed_firmware:va40:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.all_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.all_firmware:va30:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.all_firmware:va40:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.now_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.now_firmware:va30:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.now_firmware:va40:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.open_pro_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.open_pro_firmware:va30:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.open_pro_firmware:va40:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.sim_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.sim_firmware:va30:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.sim_firmware:va40:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.up_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.up_firmware:va30:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:somatom_go.up_firmware:va40:-:*:*:*:*:*:*
- cpe:2.3:o:siemens:symbia_e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:symbia_s_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:symbia_evo_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:symbia_intevo_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:symbia_t_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:symbia.net:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:syngo.via:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:syngo.via:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:syngo.via:vb10:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:syngo.via:vb20:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:syngo.via:vb30:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:syngo.via:vb40b:-:*:*:*:*:*:*
- cpe:2.3:a:siemens:syngo.via:vb60b:-:*:*:*:*:*:*
- cpe:2.3:a:siemens:syngo.via:vb50:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-29875
0.21%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 59 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-29875
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2022-29875
-
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.Assigned by:
- nvd@nist.gov (Primary)
- productcert@siemens.com (Secondary)
References for CVE-2022-29875
-
https://www.siemens-healthineers.com/support-documentation/cybersecurity/shsa-455016
Siemens Healthineers Security AdvisoriesMitigation;Vendor Advisory
Jump to