ghsa-8h6x-wrc8-g9xc
Vulnerability from github
Published
2022-05-21 00:01
Modified
2022-06-02 00:00
Severity
Details
A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). An authenticated attacker could escape the WinCC Kiosk Mode by opening the printer dialog in the affected application in case no printer is installed.
{
"affected": [],
"aliases": [
"CVE-2022-24287"
],
"database_specific": {
"cwe_ids": [
"CWE-1188"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-20T13:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 8). An authenticated attacker could escape the WinCC Kiosk Mode by opening the printer dialog in the affected application in case no printer is installed.",
"id": "GHSA-8h6x-wrc8-g9xc",
"modified": "2022-06-02T00:00:34Z",
"published": "2022-05-21T00:01:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24287"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading...