PatchSiren

CVE-2022-22128 Siemens CVE debrief

CVE-2022-22128 is a critical Siemens Opcenter Intelligence issue involving path traversal in an internal file transfer service. According to the advisory metadata, successful exploitation could allow remote code execution. The CVSS vector indicates network reachability with no privileges or user interaction required, and high impact to confidentiality, integrity, and availability. Siemens advises updating to V2501 or later and installing the latest available version as described in the vendor guidance.

Vendor: Siemens
Product: Opcenter Intelligence
CVSS: CRITICAL 9
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-02-11
Original CVE updated: 2025-05-06
Advisory published: 2025-02-11
Advisory updated: 2025-05-06

Who should care

Siemens Opcenter Intelligence administrators, OT/industrial control system operators, vulnerability management teams, and security responders responsible for network-exposed or enterprise-managed Siemens deployments.

Technical summary

The CISA CSAF advisory identifies a path traversal vulnerability in Siemens Opcenter Intelligence. The affected component is the product’s internal file transfer service. The provided CVSS 3.1 vector is AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H, which supports a high-severity assessment with potential remote code execution impact if successfully exploited. The advisory’s remediation points to Siemens version V2501 or later.

Defensive priority

High priority. This is a critical, network-reachable vulnerability with no privileges or user interaction required per the supplied CVSS vector, and the stated impact includes potential remote code execution.

Recommended defensive actions

  • Update Siemens Opcenter Intelligence to V2501 or later, following the vendor guidance referenced in the Siemens advisory.
  • Inventory all Opcenter Intelligence deployments and confirm which systems are affected.
  • Limit access to the internal file transfer service to trusted hosts and segment industrial environments where possible.
  • Review exposure of any network-facing or cross-zone pathways that could reach the affected service.
  • Track the Siemens advisory and apply the latest available vendor-recommended version as soon as change control allows.

Evidence notes

This debrief follows the advisory metadata in the supplied CISA CSAF source for Siemens Opcenter Intelligence. The source corpus contains an internal description text that references Tableau Server Administration Agent, which conflicts with the advisory title, vendor, affected product, and remediation data identifying Siemens Opcenter Intelligence. For that reason, the debrief relies on the product and remediation metadata rather than the mismatched description text. The advisory was published on 2025-02-11 and revised on 2025-05-06 for typo fixes.

Official resources

Published 2025-02-11T00:00:00.000Z; revised 2025-05-06T06:00:00.000Z (typo fix only).