CVE-2022-34660
published 2022-08-10CVE-2022-34660: A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All…
PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.09%
61.2th percentile
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | teamcenter | >= 12.4 < 12.4.0.15 | 12.4.0.15 |
| siemens | teamcenter | >= 13.0 < 13.0.0.10 | 13.0.0.10 |
| siemens | teamcenter | >= 13.1 < 13.1.0.10 | 13.1.0.10 |
| siemens | teamcenter | >= 13.2 < 13.2.0.9 | 13.2.0.9 |
| siemens | teamcenter | >= 13.3 < 13.3.0.5 | 13.3.0.5 |
| siemens | teamcenter | >= 14.0 < 14.0.0.2 | 14.0.0.2 |
| siemens | teamcenter_v12.4 | — | — |
| siemens | teamcenter_v13.0 | — | — |
| siemens | teamcenter_v13.1 | — | — |
| siemens | teamcenter_v13.2 | — | — |
| siemens | teamcenter_v13.3 | — | — |
| siemens | teamcenter_v14.0 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2022-34660 targets the File Server Cache service in Siemens Teamcenter, which is vulnerable to command injection enabling remote code execution. Monitor for anomalous or unexpected commands/processes spawned by the File Server Cache service. ↗
- →The File Server Cache service listens on port 4544/tcp. Restrict and monitor inbound connections to this port; unexpected external connections to 4544/tcp on Teamcenter hosts are a strong indicator of exploitation attempts. ↗
- →The vulnerability requires network-accessible Teamcenter instances (AV:N). Alert on remote connections to Teamcenter File Server Cache service from untrusted or unexpected IP addresses. ↗
- ·Attack complexity is HIGH and requires HIGH privileges and user interaction (CVSS vector AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H), meaning exploitation is not trivial and requires an authenticated, privileged attacker with some form of user interaction — tune detection thresholds accordingly. ↗
- ·No known public exploits exist for this vulnerability at time of advisory publication, reducing immediate mass-exploitation risk but not eliminating targeted attack risk. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-99fp-fmrp-pwj6: A vulnerability has been identified in Teamcenter V12
ghsa_unreviewed·2022-08-11
CVE-2022-34660 [CRITICAL] CWE-77 GHSA-99fp-fmrp-pwj6: A vulnerability has been identified in Teamcenter V12
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.15), Teamcenter V13.0 (All versions < V13.0.0.10), Teamcenter V13.1 (All versions < V13.1.0.10), Teamcenter V13.2 (All versions < V13.2.0.9), Teamcenter V13.3 (All versions < V13.3.0.5), Teamcenter V14.0 (All versions < V14.0.0.2). File Server Cache service in Teamcenter consist of a functionality that is vulnerable to command injection. This could potentially allow an attacker to perform remote code execution.
CISA ICS
Siemens Teamcenter
cisa_ics·2022-08-16·CVSS 9.8
[CRITICAL] Siemens Teamcenter
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens Teamcenter
Last RevisedAugust 16, 2022
Alert CodeICSA-22-223-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.6
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Teamcenter
- Vulnerabilities: Command Injection, Infinite Loop
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could lead to command injection and denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Teamcenter, a product lifecycle management software, are affected:
- Teamcenter v12.4: All versions prio
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-08-10
Published