CVE-2022-32252 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-32252 PUBLISHED CVSS 6.5 MEDIUM

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package, granting root privileges to an attacker.

EPSS 0.06% · 19.3th percentile

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

EPSS Score

0.06%

19.3th percentile

Affected Products

Vendor	Product	Versions
siemens	sinema_remote_connect_server	0
Siemens	SINEMA Remote Connect Server	0
siemens	sinema_remote_connect_server	0

Timeline

Jun 14, 2022 CVE Published
Jun 15, 2022 EPSS Score
Aug 2, 2022 EPSS Score
Sep 19, 2022 EPSS Score
Nov 5, 2022 EPSS Score
Dec 23, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 14, 2023 EPSS Score
Jul 1, 2023 EPSS Score
Aug 17, 2023 EPSS Score

References

Open in Interactive Console →