CVE-2022-44731

MEDIUM

SIMATIC WinCC OA - Command Injection

Title source: llm

Description

A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). The affected component allows to inject custom arguments to the Ultralight Client backend application under certain circumstances. This could allow an authenticated remote attacker to inject arbitrary parameters when starting the client via the web interface (e.g., open attacker chosen panels with the attacker's credentials or start a Ctrl script).

References (1)

[Patch, Vendor Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-547714.pdf

Scores

CVSS v3 5.4

EPSS 0.0019

EPSS Percentile 41.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Classification

CWE

CWE-88

Status published

Affected Products (4)

siemens/simatic_wincc_oa

Timeline

Published Dec 13, 2022

Tracked Since Feb 18, 2026