Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-29878 (GCVE-0-2022-29878)
Vulnerability from cvelistv5 – Published: 2022-05-10 09:47 – Updated: 2025-12-09 10:37
VLAI?
EPSS
Summary
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.
Severity ?
7.5 (High)
CWE
- CWE-294 - Authentication Bypass by Capture-replay
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:33:43.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SICAM T",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SICAM T (All versions \u003c V3.0). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294: Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T10:37:46.480Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-165073.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-471761.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-29878",
"datePublished": "2022-05-10T09:47:22",
"dateReserved": "2022-04-28T00:00:00",
"dateUpdated": "2025-12-09T10:37:46.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
GSD-2022-29878
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-29878",
"description": "A vulnerability has been identified in SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.",
"id": "GSD-2022-29878"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-29878"
],
"details": "A vulnerability has been identified in SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.",
"id": "GSD-2022-29878",
"modified": "2023-12-13T01:19:42.528293Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-29878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P850",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
},
{
"product_name": "SICAM P855",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.00"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-294: Authentication Bypass by Capture-replay"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8500-0aa00-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8500-0aa00-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8500-0aa00-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8500-0aa00-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8500-0aa10-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8500-0aa10-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8500-0aa10-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8500-0aa10-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8500-0aa30-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8500-0aa30-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8500-0aa30-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8500-0aa30-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa01-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa01-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa01-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa01-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa02-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa02-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa02-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa02-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa11-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa11-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa11-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa11-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa12-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa12-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa12-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa12-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa31-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa31-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa31-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa31-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa32-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa32-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8501-0aa32-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8501-0aa32-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8550-0aa00-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8550-0aa00-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8550-0aa00-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8550-0aa00-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8550-0aa10-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8550-0aa10-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8550-0aa10-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8550-0aa10-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8550-0aa30-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8550-0aa30-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8550-0aa30-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8550-0aa30-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa01-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa01-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa01-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa01-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa02-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa02-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa02-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa02-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa11-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa11-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa11-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa11-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa12-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa12-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa12-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa12-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa31-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa31-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa31-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa31-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa32-0aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa32-0aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:7kg8551-0aa32-2aa0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:7kg8551-0aa32-2aa0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-29878"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability has been identified in SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "N/A",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-06-02T14:02Z",
"publishedDate": "2022-05-20T13:15Z"
}
}
}
CERTFR-2025-AVI-1083
Vulnerability from certfr_avis - Published: 2025-12-09 - Updated: 2025-12-09
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215C AC/DC/RLY (6AG1215-1BG40-2XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC CFU DIQ (6ES7655-5PX31-1XX0) versions antérieures à 2.0.0 | ||
| Siemens | SIMATIC | SIMATIC TDC CPU555 toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1500 CPU 1516-3 PN/DP (6AG1516-3AN00-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC CFU PA (6ES7655-5PX11-1XX0) versions antérieures à 2.0.0 | ||
| Siemens | SIPLUS | SIPLUS S7-1500 CPU 1511-1 PN (6AG1511-1AK00-2AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC Power Line Booster PLB, Modem Module ST (6ES7972-5AA51-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIPLUS | SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1500 CPU 1511F-1 PN (6AG1511-1FK00-2AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200clean, DIQ 16x24VDC/0,5A (6ES7143-7BH00-0BB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200clean, DI 16x24VDC (6ES7141-7BH00-0BB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214C DC/DC/DC (6AG1214-1AG40-5XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0) versions antérieures à 4.4.0 | ||
| Siemens | SICAM | SICAM T versions antérieures à 3.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0) versions antérieures à 6.0.0 | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214C AC/DC/RLY (6AG1214-1BG40-2XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIPLUS | SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) versions antérieures à 10.2 | ||
| Siemens | SIPLUS | SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) versions supérieures ou égales à4.2.0. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214C DC/DC/RLY (6AG1214-1HG40-4XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) versions antérieures à 1.3 | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIPLUS | SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214C AC/DC/RLY (6AG1214-1BG40-4XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) versions antérieures à 8.3 | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1212C AC/DC/RLY (6AG1212-1BE40-2XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC Power Line Booster PLB, Base Module (6ES7972-5AA10-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214C DC/DC/DC (6AG1214-1AG40-2XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC CN 4100 versions antérieures à 4.0.1 | ||
| Siemens | SIMATIC | SIMATIC TDC CP51M1 toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0) versions supérieures ou égales à4.2.0. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIPLUS | SIPLUS S7-1500 CPU 1516F-3 PN/DP (6AG1516-3FN00-2AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200clean, CM 8x IO-Link (6ES7148-7JH00-0BB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0) versions supérieures ou égales à4.2.0. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1214C DC/DC/RLY (6AG1214-1HG40-5XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC CFU PA (6ES7655-5PX11-0XX0) versions antérieures à 2.0.0 | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1500 CPU 1513-1 PN (6AG1513-1AL00-2AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0) versions antérieures à 4.4.0 | ||
| Siemens | SIMATIC | SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) toutes versions pour la vulnérabilité CVE-2025-40820 | ||
| Siemens | SIPLUS | SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200eco PN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0) versions supérieures ou égales à5.1.1. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIMATIC | SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0) versions supérieures ou égales à4.2.0. L'éditeur indique que le produit ne bénéficiera pas de correctif de sécurité pour la vulnérabilité CVE-2025-40820. | ||
| Siemens | SIPLUS | SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0) versions antérieures à 4.4.0 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIPLUS S7-1200 CPU 1215C AC/DC/RLY (6AG1215-1BG40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CFU DIQ (6ES7655-5PX31-1XX0) versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC TDC CPU555 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1516-3 PN/DP (6AG1516-3AN00-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CFU PA (6ES7655-5PX11-1XX0) versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1511-1 PN (6AG1511-1AK00-2AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-4XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Power Line Booster PLB, Modem Module ST (6ES7972-5AA51-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA1) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511-1 PN (6ES7511-1AK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200pro IM 154-8 PN/DP CPU (6ES7154-8AB01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 315F-2 PN/DP (6AG1315-2FJ14-2AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP-1 PN (6ES7510-1DJ00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 315F-2 PN/DP (6ES7315-2FJ14-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 315-2 PN/DP (6AG1315-2EH14-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1511F-1 PN (6AG1511-1FK00-2AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU CR60 (6ES7288-1CR60-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, CM 8x IO-Link, M12-L (6ES7148-6JG00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515F-2 PN (6ES7515-2FM00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200clean, DIQ 16x24VDC/0,5A (6ES7143-7BH00-0BB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 317T-3 PN/DP (6ES7317-7TK10-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU ST20 (6ES7288-1ST20-0AA1) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP-1 PN (6ES7512-1DK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1215C DC/DC/Rly (6ES7215-1HG40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200pro IM 154-8F PN/DP CPU (6ES7154-8FB01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 317F-2 PN/DP (6ES7317-2FK14-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200clean, DI 16x24VDC (6ES7141-7BH00-0BB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-4XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 319-3 PN/DP (6ES7318-3EL01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-5XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214C DC/DC/DC (6AG1214-1AG40-5XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416-3 PN/DP V7 (6ES7416-3ES07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU ST40 (6ES7288-1ST40-0AA1) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 317TF-3 PN/DP (6ES7317-7UL10-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU SR20 (6ES7288-1SR20-0AA1) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215FC DC/DC/DC (6AG1215-1AF40-5XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 314C-2 PN/DP (6ES7314-6EH04-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-4XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SICAM T versions ant\u00e9rieures \u00e0 3.0",
"product": {
"name": "SICAM",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1215FC DC/DC/Rly (6ES7215-1HF40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 317-2 PN/DP (6ES7317-2EK14-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PN/PN Coupler (6ES7158-3AD10-0XA0) versions ant\u00e9rieures \u00e0 6.0.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214C AC/DC/RLY (6AG1214-1BG40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 412-2 PN V7 (6ES7412-2EK07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1212C DC/DC/DC (6ES7212-1AE40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, CM 4x IO-Link, M12-L (6ES7148-6JE00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA1) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1214FC DC/DC/Rly (6ES7214-1HF40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214C DC/DC/DC RAIL (6AG2214-1AG40-1XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 317-2 PN/DP (6AG1317-2EK14-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 10.2",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 416-3 PN/DP V7 (6AG1416-3ES07-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-4XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1212C DC/DC/DC RAIL (6AG2212-1AE40-1XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) versions sup\u00e9rieures ou \u00e9gales \u00e04.2.0. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214C DC/DC/RLY (6AG1214-1HG40-4XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1512SP F-1 PN (6ES7512-1SK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 315-2 PN/DP (6ES7315-2EH14-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214 AC/DC/RLY (6AG1214-1BG40-5XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 1.3",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1212FC DC/DC/DC (6ES7212-1AF40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 314C-2 PN/DP (6AG1314-6EH04-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1214C AC/DC/Rly (6ES7214-1BG40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200pro IM 154-8FX PN/DP CPU (6ES7154-8FX00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU ST30 (6ES7288-1ST30-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414F-3 PN/DP V7 (6ES7414-3FM07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516F-3 PN/DP (6ES7516-3FN00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214C AC/DC/RLY (6AG1214-1BG40-4XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, DIQ 16x24VDC/2A, M12-L (6ES7143-6BH00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1212C DC/DC/DC (6AG1212-1AE40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, DI 16x24VDC, M12-L (6ES7141-6BH00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215 AC/DC/RLY (6AG1215-1BG40-5XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 416F-3 PN/DP V7 (6ES7416-3FS07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1212C DC/DC/Rly (6ES7212-1HE40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 8.3",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1212C AC/DC/RLY (6AG1212-1BE40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Power Line Booster PLB, Base Module (6ES7972-5AA10-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214 DC/DC/RLY (6AG1214-1HG40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1515-2 PN (6ES7515-2AM00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214C DC/DC/DC (6AG1214-1AG40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CN 4100 versions ant\u00e9rieures \u00e0 4.0.1",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC TDC CP51M1 toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214FC DC/DC/RLY (6AG1214-1HF40-5XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1215FC DC/DC/DC (6ES7215-1AF40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN HF (6ES7155-6AU00-0CN0) versions sup\u00e9rieures ou \u00e9gales \u00e04.2.0. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1516-3 PN/DP (6ES7516-3AN00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, DQ 8x24VDC/2A, M12-L (6ES7142-6BR00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1212FC DC/DC/Rly (6ES7212-1HF40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215 DC/DC/RLY (6AG1215-1HG40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1516F-3 PN/DP (6AG1516-3FN00-2AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200S IM 151-8 PN/DP CPU (6ES7151-8AB01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU SR60 (6ES7288-1SR60-0AA0) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 319F-3 PN/DP (6ES7318-3FL01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, DI 8x24VDC, M12-L (6ES7141-6BG00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200clean, CM 8x IO-Link (6ES7148-7JH00-0BB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200S IM 151-8F PN/DP CPU (6ES7151-8FB01-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN/2 HF (6ES7155-6AU01-0CN0) versions sup\u00e9rieures ou \u00e9gales \u00e04.2.0. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1214FC DC/DC/DC (6ES7214-1AF40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1214C DC/DC/DC (6ES7214-1AG40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513-1 PN (6ES7513-1AL00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP CPU 1510SP F-1 PN (6ES7510-1SJ00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1215C DC/DC/DC (6ES7215-1AG40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6ES7212-1BE40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1513F-1 PN (6ES7513-1FL00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1214C DC/DC/RLY (6AG1214-1HG40-5XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CFU PA (6ES7655-5PX11-0XX0) versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU SR30 (6ES7288-1SR30-0AA1) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1511F-1 PN (6ES7511-1FK00-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU SR40 (6ES7288-1SR40-0AA1) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, CM 8x IO-Link, M12-L (6ES7148-6JJ00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PN/MF Coupler (6ES7158-3MU10-0XA0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1500 CPU 1513-1 PN (6AG1513-1AL00-2AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-300 CPU 317F-2 PN/DP (6AG1317-2FK14-2AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1212 DC/DC/RLY (6AG1212-1HE40-4XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU 315T-3 PN/DP (6ES7315-7TJ10-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1214C DC/DC/Rly (6ES7214-1HG40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU 1215C AC/DC/Rly (6ES7215-1BG40-0XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215C DC/DC/DC (6AG1215-1AG40-5XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 CPU 414-3 PN/DP V7 (6ES7414-3EM07-0AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-200 SMART CPU ST60 (6ES7288-1ST60-0AA1) toutes versions pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-400 CPU 414-3 PN/DP V7 (6AG1414-3EM07-7AB0) toutes versions. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200eco PN, DQ 8x24VDC/0,5A, M12-L (6ES7142-6BG00-0BB0) versions sup\u00e9rieures ou \u00e9gales \u00e05.1.1. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP IM 155-6 PN/3 HF (6ES7155-6AU30-0CN0) versions sup\u00e9rieures ou \u00e9gales \u00e04.2.0. L\u0027\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2025-40820.",
"product": {
"name": "SIMATIC",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS S7-1200 CPU 1215 DC/DC/DC (6AG1215-1AG40-2XB0) versions ant\u00e9rieures \u00e0 4.4.0",
"product": {
"name": "SIPLUS",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-41665",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41665"
},
{
"name": "CVE-2022-29879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29879"
},
{
"name": "CVE-2025-40938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40938"
},
{
"name": "CVE-2025-40820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40820"
},
{
"name": "CVE-2022-29880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29880"
},
{
"name": "CVE-2023-31238",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31238"
},
{
"name": "CVE-2025-40940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40940"
},
{
"name": "CVE-2022-29882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29882"
},
{
"name": "CVE-2022-40226",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40226"
},
{
"name": "CVE-2022-29873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29873"
},
{
"name": "CVE-2022-29874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29874"
},
{
"name": "CVE-2022-29876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29876"
},
{
"name": "CVE-2025-40941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40941"
},
{
"name": "CVE-2022-29881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29881"
},
{
"name": "CVE-2022-29872",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29872"
},
{
"name": "CVE-2022-29878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29878"
},
{
"name": "CVE-2025-40937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40937"
},
{
"name": "CVE-2025-40939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40939"
},
{
"name": "CVE-2022-43439",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43439"
},
{
"name": "CVE-2022-29883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29883"
},
{
"name": "CVE-2023-30901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30901"
}
],
"initial_release_date": "2025-12-09T00:00:00",
"last_revision_date": "2025-12-09T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1083",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Siemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2025-12-09",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-416652",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-416652.html"
},
{
"published_at": "2025-12-09",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-915282",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915282.html"
},
{
"published_at": "2025-12-09",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-471761",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-471761.html"
}
]
}
CERTFR-2022-AVI-435
Vulnerability from certfr_avis - Published: 2022-05-10 - Updated: 2022-05-10
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- SICAM P850 versions antérieures à 3.00
- Simcenter Femap versions antérieures à 2022.2
- SIMATIC NET PC Software versions 14.x antérieures à 14 SP1 Update 14
- SIMATIC NET PC Software versions 17.x antérieures à 17 SP1
- SIMATIC Process Historian OPC UA Server versions antérieures à 2020 SP1
- SIMATIC WinCC versions 7.5.x antérieures à V7.5 SP2 Update 8
- SIMATIC CP 442-1 RNA versions antérieures à 1.5.18
- SIMATIC CP 443-1 RNA versions antérieures à 1.5.18
- JT2Go versions antérieures à 13.3.0.3
- Teamcenter Visualization versions 13.3.x antérieures à 13.3.0.3
- Teamcenter Visualization versions 14.0.x antérieures à 14.0.0.1
- Desigo DXR2 versions antérieures à 01.21.142.5-22
- Desigo PXC3 versions antérieures à 01.21.142.4-18
- Desigo PXC4 versions antérieures à 02.20.142.10-10884
- Desigo PXC5 versions antérieures à 02.20.142.10-10884
- RUGGEDCOM RM1224 LTE(4G) EU et RM1224 LTE(4G) NAM versions antérieures à 7.1
- SCALANCE M804PB, M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2), M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2), M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2), M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2), M826-2 SHDSL-Router (6GK5826-2AB00-2AB2), M874-2 (6GK5874-2AA00-2AA2), M874-3 (6GK5874-3AA00-2AA2), M876-3 (EVDO) (6GK5876-3AA02-2BA2), M876-3 (ROK) (6GK5876-3AA02-2EA2), M876-4 (EU) (6GK5876-4AA00-2BA2), M876-4 (NAM) (6GK5876-4AA00-2DA2), MUM856-1 (EU) (6GK5856-2EA00-3DA1), MUM856-1 (RoW) (6GK5856-2EA00-3AA1) et S615 (6GK5615-0AA00-2AA2) versions antérieures à 7.1
- SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) versions antérieures à 3.0.22
- SIMATIC RTU3010C (6NH3112-0BA00-0XX0), RTU3030C (6NH3112-3BA00-0XX0), RTU3031C (6NH3112-3BB00-0XX0) et RTU3041C (6NH3112-4BB00-0XX0) versions antérieures à 5.0.14
- SIPLUS NET CP 1543-1 versions antérieures à 3.0.22
- OpenV2G versions antérieures à 0.9.5
- Teamcenter versions 12.4.x antérieures à 12.4.0.13
- Teamcenter versions 13.0.x antérieures à 13.0.0.9
- Teamcenter versions 13.2.x antérieures à 13.2.0.8
- Teamcenter versions 13.3.x antérieures à 13.3.0.3
- SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0), RF610R ETSI (6GT2811-6BC10-0AA0), RF610R FCC (6GT2811-6BC10-1AA0), RF615R CMIIT (6GT2811-6CC10-2AA0), RF615R ETSI (6GT2811-6CC10-0AA0), RF615R FCC (6GT2811-6CC10-1AA0), RF650R ARIB (6GT2811-6AB20-4AA0), RF650R CMIIT (6GT2811-6AB20-2AA0), RF650R ETSI (6GT2811-6AB20-0AA0), RF650R FCC (6GT2811-6AB20-1AA0), RF680R ARIB (6GT2811-6AA10-4AA0), RF680R CMIIT (6GT2811-6AA10-2AA0), RF680R ETSI (6GT2811-6AA10-0AA0), RF680R FCC (6GT2811-6AA10-1AA0), RF685R ARIB (6GT2811-6CA10-4AA0), RF685R CMIIT (6GT2811-6CA10-2AA0), RF685R ETSI (6GT2811-6CA10-0AA0) et RF685R FCC (6GT2811-6CA10-1AA0) versions 3.0.x antérieures à 4.0
- SIMATIC RF166C (6GT2002-0EE20), RF185C (6GT2002-0JE10), RF186C (6GT2002-0JE20), RF186CI (6GT2002-0JE50), RF188C (6GT2002-0JE40) et RF188CI (6GT2002-0JE60) versions 1.1.x antérieures à 1.3.2
- SIMATIC RF360R (6GT2801-5BA30) versions antérieures à 2.0
En fonction de la vulnérabilité, l'éditeur ne prévoit pas de correctif de sécurité pour les produits suivants :
- SITOP Manager toutes versions
- TeleControl Server Basic versions 3.x
- SIMATIC NET PC Software versions 15.x
- SIMATIC NET PC Software versions 16.x
- SIMATIC WinCC versions 16.x
- SIMATIC WinCC versions 17.x
- SIMATIC WinCC Runtime Professional toutes versions
- SIMATIC WinCC Unified Scada Runtime toutes versions
- SIMATIC PCS 7 versions 9.0.x et antérieures
- SIMATIC PCS 7 versions 9.1.x
- LOGO! CMR family toutes versions
- SIMATIC CP 1545-1 (6GK7545-1GX00-0XE0) toutes versions
- Teamcenter versions 13.1.x
- Teamcenter versions 14.0.x
Se référer aux mesures de contournement listées dans les avis de l'éditeur.
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eSICAM P850 versions ant\u00e9rieures \u00e0 3.00\u003c/li\u003e \u003cli\u003eSimcenter Femap versions ant\u00e9rieures \u00e0 2022.2\u003c/li\u003e \u003cli\u003eSIMATIC NET PC Software versions 14.x ant\u00e9rieures \u00e0 14 SP1 Update 14\u003c/li\u003e \u003cli\u003eSIMATIC NET PC Software versions 17.x ant\u00e9rieures \u00e0 17 SP1\u003c/li\u003e \u003cli\u003eSIMATIC Process Historian OPC UA Server versions ant\u00e9rieures \u00e0 2020 SP1\u003c/li\u003e \u003cli\u003eSIMATIC WinCC versions 7.5.x ant\u00e9rieures \u00e0 V7.5 SP2 Update 8\u003c/li\u003e \u003cli\u003eSIMATIC CP 442-1 RNA versions ant\u00e9rieures \u00e0 1.5.18\u003c/li\u003e \u003cli\u003eSIMATIC CP 443-1 RNA versions ant\u00e9rieures \u00e0 1.5.18\u003c/li\u003e \u003cli\u003eJT2Go versions ant\u00e9rieures \u00e0 13.3.0.3\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 13.3.x ant\u00e9rieures \u00e0 13.3.0.3\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.0.x ant\u00e9rieures \u00e0 14.0.0.1\u003c/li\u003e \u003cli\u003eDesigo DXR2 versions ant\u00e9rieures \u00e0 01.21.142.5-22\u003c/li\u003e \u003cli\u003eDesigo PXC3 versions ant\u00e9rieures \u00e0 01.21.142.4-18\u003c/li\u003e \u003cli\u003eDesigo PXC4 versions ant\u00e9rieures \u00e0 02.20.142.10-10884\u003c/li\u003e \u003cli\u003eDesigo PXC5 versions ant\u00e9rieures \u00e0 02.20.142.10-10884\u003c/li\u003e \u003cli\u003eRUGGEDCOM RM1224 LTE(4G) EU et RM1224 LTE(4G) NAM versions ant\u00e9rieures \u00e0 7.1\u003c/li\u003e \u003cli\u003eSCALANCE M804PB, M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2), M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2), M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2), M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2), M826-2 SHDSL-Router (6GK5826-2AB00-2AB2), M874-2 (6GK5874-2AA00-2AA2), M874-3 (6GK5874-3AA00-2AA2), M876-3 (EVDO) (6GK5876-3AA02-2BA2), M876-3 (ROK) (6GK5876-3AA02-2EA2), M876-4 (EU) (6GK5876-4AA00-2BA2), M876-4 (NAM) (6GK5876-4AA00-2DA2), MUM856-1 (EU) (6GK5856-2EA00-3DA1), MUM856-1 (RoW) (6GK5856-2EA00-3AA1) et S615 (6GK5615-0AA00-2AA2) versions ant\u00e9rieures \u00e0 7.1\u003c/li\u003e \u003cli\u003eSIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) versions ant\u00e9rieures \u00e0 3.0.22\u003c/li\u003e \u003cli\u003eSIMATIC RTU3010C (6NH3112-0BA00-0XX0), RTU3030C (6NH3112-3BA00-0XX0), RTU3031C (6NH3112-3BB00-0XX0) et RTU3041C (6NH3112-4BB00-0XX0) versions ant\u00e9rieures \u00e0 5.0.14\u003c/li\u003e \u003cli\u003eSIPLUS NET CP 1543-1 versions ant\u00e9rieures \u00e0 3.0.22\u003c/li\u003e \u003cli\u003eOpenV2G versions ant\u00e9rieures \u00e0 0.9.5\u003c/li\u003e \u003cli\u003eTeamcenter versions 12.4.x ant\u00e9rieures \u00e0 12.4.0.13\u003c/li\u003e \u003cli\u003eTeamcenter versions 13.0.x ant\u00e9rieures \u00e0 13.0.0.9\u003c/li\u003e \u003cli\u003eTeamcenter versions 13.2.x ant\u00e9rieures \u00e0 13.2.0.8\u003c/li\u003e \u003cli\u003eTeamcenter versions 13.3.x ant\u00e9rieures \u00e0 13.3.0.3\u003c/li\u003e \u003cli\u003eSIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0), RF610R ETSI (6GT2811-6BC10-0AA0), RF610R FCC (6GT2811-6BC10-1AA0), RF615R CMIIT (6GT2811-6CC10-2AA0), RF615R ETSI (6GT2811-6CC10-0AA0), RF615R FCC (6GT2811-6CC10-1AA0), RF650R ARIB (6GT2811-6AB20-4AA0), RF650R CMIIT (6GT2811-6AB20-2AA0), RF650R ETSI (6GT2811-6AB20-0AA0), RF650R FCC (6GT2811-6AB20-1AA0), RF680R ARIB (6GT2811-6AA10-4AA0), RF680R CMIIT (6GT2811-6AA10-2AA0), RF680R ETSI (6GT2811-6AA10-0AA0), RF680R FCC (6GT2811-6AA10-1AA0), RF685R ARIB (6GT2811-6CA10-4AA0), RF685R CMIIT (6GT2811-6CA10-2AA0), RF685R ETSI (6GT2811-6CA10-0AA0) et RF685R FCC (6GT2811-6CA10-1AA0) versions 3.0.x ant\u00e9rieures \u00e0 4.0\u003c/li\u003e \u003cli\u003eSIMATIC RF166C (6GT2002-0EE20), RF185C (6GT2002-0JE10), RF186C (6GT2002-0JE20), RF186CI (6GT2002-0JE50), RF188C (6GT2002-0JE40) et RF188CI (6GT2002-0JE60) versions 1.1.x ant\u00e9rieures \u00e0 1.3.2\u003c/li\u003e \u003cli\u003eSIMATIC RF360R (6GT2801-5BA30) versions ant\u00e9rieures \u00e0 2.0\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eEn fonction de la vuln\u00e9rabilit\u00e9, l\u0027\u00e9diteur ne pr\u00e9voit pas de correctif de s\u00e9curit\u00e9 pour les produits suivants :\u003c/p\u003e \u003cul\u003e \u003cli\u003eSITOP Manager toutes versions\u003c/li\u003e \u003cli\u003eTeleControl Server Basic versions 3.x\u003c/li\u003e \u003cli\u003eSIMATIC NET PC Software versions 15.x\u003c/li\u003e \u003cli\u003eSIMATIC NET PC Software versions 16.x\u003c/li\u003e \u003cli\u003eSIMATIC WinCC versions 16.x\u003c/li\u003e \u003cli\u003eSIMATIC WinCC versions 17.x\u003c/li\u003e \u003cli\u003eSIMATIC WinCC Runtime Professional toutes versions\u003c/li\u003e \u003cli\u003eSIMATIC WinCC Unified Scada Runtime toutes versions\u003c/li\u003e \u003cli\u003eSIMATIC PCS 7 versions 9.0.x et ant\u00e9rieures\u003c/li\u003e \u003cli\u003eSIMATIC PCS 7 versions 9.1.x\u003c/li\u003e \u003cli\u003eLOGO! CMR family toutes versions\u003c/li\u003e \u003cli\u003eSIMATIC CP 1545-1 (6GK7545-1GX00-0XE0) toutes versions\u003c/li\u003e \u003cli\u003eTeamcenter versions 13.1.x\u003c/li\u003e \u003cli\u003eTeamcenter versions 14.0.x\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux mesures de contournement list\u00e9es dans les avis de l\u0027\u00e9diteur.\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-27653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27653"
},
{
"name": "CVE-2022-24043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24043"
},
{
"name": "CVE-2022-29879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29879"
},
{
"name": "CVE-2022-24044",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24044"
},
{
"name": "CVE-2022-24041",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24041"
},
{
"name": "CVE-2022-27242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27242"
},
{
"name": "CVE-2021-22901",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
},
{
"name": "CVE-2022-24290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24290"
},
{
"name": "CVE-2022-29880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29880"
},
{
"name": "CVE-2022-24045",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24045"
},
{
"name": "CVE-2022-29882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29882"
},
{
"name": "CVE-2022-24039",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24039"
},
{
"name": "CVE-2022-24042",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24042"
},
{
"name": "CVE-2021-22924",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
},
{
"name": "CVE-2022-29033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29033"
},
{
"name": "CVE-2022-24040",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24040"
},
{
"name": "CVE-2022-24287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24287"
},
{
"name": "CVE-2021-41545",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41545"
},
{
"name": "CVE-2022-29873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29873"
},
{
"name": "CVE-2022-29801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29801"
},
{
"name": "CVE-2021-40142",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40142"
},
{
"name": "CVE-2022-29874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29874"
},
{
"name": "CVE-2022-27640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27640"
},
{
"name": "CVE-2022-29876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29876"
},
{
"name": "CVE-2022-29877",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29877"
},
{
"name": "CVE-2021-45117",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45117"
},
{
"name": "CVE-2022-29029",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29029"
},
{
"name": "CVE-2022-29881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29881"
},
{
"name": "CVE-2022-29032",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29032"
},
{
"name": "CVE-2022-29872",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29872"
},
{
"name": "CVE-2022-29878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29878"
},
{
"name": "CVE-2021-31340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31340"
},
{
"name": "CVE-2022-29031",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29031"
},
{
"name": "CVE-2022-29030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29030"
},
{
"name": "CVE-2022-29028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29028"
},
{
"name": "CVE-2022-29883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29883"
}
],
"initial_release_date": "2022-05-10T00:00:00",
"last_revision_date": "2022-05-10T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-435",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-736385 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-736385.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-732250 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-732250.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-321292 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-321292.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-787292 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-787292.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-162616 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-162616.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-553086 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-553086.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-480937 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-480937.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-626968 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-626968.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-363107 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-363107.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-789162 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-789162.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-165073 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-165073.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-662649 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-662649.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-285795 du 10 mai 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-285795.html"
}
]
}
CNVD-2022-36393
Vulnerability from cnvd - Published: 2022-05-11
VLAI Severity ?
Title
Siemens SICAM P850和SICAM P855 Devices绕过身份验证漏洞
Description
SICAM P850多功能测量装置用于采集、可视化、评估和传输电气测量变量,如交流电、交流电压、频率、功率、谐波等。SICAM P855多功能设备用于收集、显示和传输测量的电气变量,如交流电流、交流电压、功率类型、谐波等。根据电能质量标准IEC 61000-4-30收集和处理测量值和事件。
Siemens SICAM P850和SICAM P855 Devices存在安全漏洞,该漏洞是由于受影响的设备对未加密的质询响应通信期间发送的质询使用有限的范围,攻击者可利用漏洞访问设备的管理界面。
Severity
高
Patch Name
Siemens SICAM P850和SICAM P855 Devices绕过身份验证漏洞的补丁
Patch Description
SICAM P850多功能测量装置用于采集、可视化、评估和传输电气测量变量,如交流电、交流电压、频率、功率、谐波等。SICAM P855多功能设备用于收集、显示和传输测量的电气变量,如交流电流、交流电压、功率类型、谐波等。根据电能质量标准IEC 61000-4-30收集和处理测量值和事件。
Siemens SICAM P850和SICAM P855 Devices存在安全漏洞,该漏洞是由于受影响的设备对未加密的质询响应通信期间发送的质询使用有限的范围,攻击者可利用漏洞访问设备的管理界面。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下供应商提供的安全公告获得补丁信息: https://cert-portal.siemens.com/productcert/html/ssa-165073.html
Reference
https://cert-portal.siemens.com/productcert/html/ssa-165073.html
Impacted products
| Name | ['Siemens SICAM P850 (7KG8500-0AA00-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8500-0AA00-2AA0) < V3.00', 'Siemens SICAM P850 (7KG8500-0AA10-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8500-0AA10-2AA0) < V3.00', 'Siemens SICAM P850 (7KG8500-0AA30-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8500-0AA30-2AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA01-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA01-2AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA02-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA02-2AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA11-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA11-2AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA12-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA12-2AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA31-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA31-2AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA32-0AA0) < V3.00', 'Siemens SICAM P850 (7KG8501-0AA32-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8550-0AA00-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8550-0AA00-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8550-0AA10-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8550-0AA10-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8550-0AA30-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8550-0AA30-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA01-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA01-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA02-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA02-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA11-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA11-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA12-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA12-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA31-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA31-2AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA32-0AA0) < V3.00', 'Siemens SICAM P855 (7KG8551-0AA32-2AA0) < V3.00'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2022-29878"
}
},
"description": "SICAM P850\u591a\u529f\u80fd\u6d4b\u91cf\u88c5\u7f6e\u7528\u4e8e\u91c7\u96c6\u3001\u53ef\u89c6\u5316\u3001\u8bc4\u4f30\u548c\u4f20\u8f93\u7535\u6c14\u6d4b\u91cf\u53d8\u91cf\uff0c\u5982\u4ea4\u6d41\u7535\u3001\u4ea4\u6d41\u7535\u538b\u3001\u9891\u7387\u3001\u529f\u7387\u3001\u8c10\u6ce2\u7b49\u3002SICAM P855\u591a\u529f\u80fd\u8bbe\u5907\u7528\u4e8e\u6536\u96c6\u3001\u663e\u793a\u548c\u4f20\u8f93\u6d4b\u91cf\u7684\u7535\u6c14\u53d8\u91cf\uff0c\u5982\u4ea4\u6d41\u7535\u6d41\u3001\u4ea4\u6d41\u7535\u538b\u3001\u529f\u7387\u7c7b\u578b\u3001\u8c10\u6ce2\u7b49\u3002\u6839\u636e\u7535\u80fd\u8d28\u91cf\u6807\u51c6IEC 61000-4-30\u6536\u96c6\u548c\u5904\u7406\u6d4b\u91cf\u503c\u548c\u4e8b\u4ef6\u3002\n\nSiemens SICAM P850\u548cSICAM P855 Devices\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5bf9\u672a\u52a0\u5bc6\u7684\u8d28\u8be2\u54cd\u5e94\u901a\u4fe1\u671f\u95f4\u53d1\u9001\u7684\u8d28\u8be2\u4f7f\u7528\u6709\u9650\u7684\u8303\u56f4\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8bbf\u95ee\u8bbe\u5907\u7684\u7ba1\u7406\u754c\u9762\u3002",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-165073.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2022-36393",
"openTime": "2022-05-11",
"patchDescription": "SICAM P850\u591a\u529f\u80fd\u6d4b\u91cf\u88c5\u7f6e\u7528\u4e8e\u91c7\u96c6\u3001\u53ef\u89c6\u5316\u3001\u8bc4\u4f30\u548c\u4f20\u8f93\u7535\u6c14\u6d4b\u91cf\u53d8\u91cf\uff0c\u5982\u4ea4\u6d41\u7535\u3001\u4ea4\u6d41\u7535\u538b\u3001\u9891\u7387\u3001\u529f\u7387\u3001\u8c10\u6ce2\u7b49\u3002SICAM P855\u591a\u529f\u80fd\u8bbe\u5907\u7528\u4e8e\u6536\u96c6\u3001\u663e\u793a\u548c\u4f20\u8f93\u6d4b\u91cf\u7684\u7535\u6c14\u53d8\u91cf\uff0c\u5982\u4ea4\u6d41\u7535\u6d41\u3001\u4ea4\u6d41\u7535\u538b\u3001\u529f\u7387\u7c7b\u578b\u3001\u8c10\u6ce2\u7b49\u3002\u6839\u636e\u7535\u80fd\u8d28\u91cf\u6807\u51c6IEC 61000-4-30\u6536\u96c6\u548c\u5904\u7406\u6d4b\u91cf\u503c\u548c\u4e8b\u4ef6\u3002\r\n\r\nSiemens SICAM P850\u548cSICAM P855 Devices\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5bf9\u672a\u52a0\u5bc6\u7684\u8d28\u8be2\u54cd\u5e94\u901a\u4fe1\u671f\u95f4\u53d1\u9001\u7684\u8d28\u8be2\u4f7f\u7528\u6709\u9650\u7684\u8303\u56f4\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8bbf\u95ee\u8bbe\u5907\u7684\u7ba1\u7406\u754c\u9762\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Siemens SICAM P850\u548cSICAM P855 Devices\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Siemens SICAM P850 (7KG8500-0AA00-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8500-0AA00-2AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8500-0AA10-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8500-0AA10-2AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8500-0AA30-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8500-0AA30-2AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA01-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA01-2AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA02-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA02-2AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA11-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA11-2AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA12-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA12-2AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA31-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA31-2AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA32-0AA0) \u003c V3.00",
"Siemens SICAM P850 (7KG8501-0AA32-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8550-0AA00-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8550-0AA00-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8550-0AA10-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8550-0AA10-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8550-0AA30-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8550-0AA30-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA01-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA01-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA02-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA02-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA11-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA11-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA12-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA12-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA31-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA31-2AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA32-0AA0) \u003c V3.00",
"Siemens SICAM P855 (7KG8551-0AA32-2AA0) \u003c V3.00"
]
},
"referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-165073.html",
"serverity": "\u9ad8",
"submitTime": "2022-05-11",
"title": "Siemens SICAM P850\u548cSICAM P855 Devices\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e"
}
GHSA-8Q94-GG4R-Q969
Vulnerability from github – Published: 2022-05-21 00:01 – Updated: 2025-12-09 18:30
VLAI?
Details
A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.
Severity ?
8.1 (High)
{
"affected": [],
"aliases": [
"CVE-2022-29878"
],
"database_specific": {
"cwe_ids": [
"CWE-294"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-05-20T13:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P850 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00), SICAM P855 (All versions \u003c V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.",
"id": "GHSA-8q94-gg4r-q969",
"modified": "2025-12-09T18:30:26Z",
"published": "2022-05-21T00:01:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29878"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-165073.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-471761.html"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2022-29878
Vulnerability from fkie_nvd - Published: 2022-05-20 13:15 - Updated: 2025-12-09 16:17
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device.
References
| URL | Tags | ||
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-165073.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-471761.html | ||
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | 7kg8500-0aa00-0aa0_firmware | * | |
| siemens | 7kg8500-0aa00-0aa0 | - | |
| siemens | 7kg8500-0aa00-2aa0_firmware | * | |
| siemens | 7kg8500-0aa00-2aa0 | - | |
| siemens | 7kg8500-0aa10-0aa0_firmware | * | |
| siemens | 7kg8500-0aa10-0aa0 | - | |
| siemens | 7kg8500-0aa10-2aa0_firmware | * | |
| siemens | 7kg8500-0aa10-2aa0 | - | |
| siemens | 7kg8500-0aa30-0aa0_firmware | * | |
| siemens | 7kg8500-0aa30-0aa0 | - | |
| siemens | 7kg8500-0aa30-2aa0_firmware | * | |
| siemens | 7kg8500-0aa30-2aa0 | - | |
| siemens | 7kg8501-0aa01-0aa0_firmware | * | |
| siemens | 7kg8501-0aa01-0aa0 | - | |
| siemens | 7kg8501-0aa01-2aa0_firmware | * | |
| siemens | 7kg8501-0aa01-2aa0 | - | |
| siemens | 7kg8501-0aa02-0aa0_firmware | * | |
| siemens | 7kg8501-0aa02-0aa0 | - | |
| siemens | 7kg8501-0aa02-2aa0_firmware | * | |
| siemens | 7kg8501-0aa02-2aa0 | - | |
| siemens | 7kg8501-0aa11-0aa0_firmware | * | |
| siemens | 7kg8501-0aa11-0aa0 | - | |
| siemens | 7kg8501-0aa11-2aa0_firmware | * | |
| siemens | 7kg8501-0aa11-2aa0 | - | |
| siemens | 7kg8501-0aa12-0aa0_firmware | * | |
| siemens | 7kg8501-0aa12-0aa0 | - | |
| siemens | 7kg8501-0aa12-2aa0_firmware | * | |
| siemens | 7kg8501-0aa12-2aa0 | - | |
| siemens | 7kg8501-0aa31-0aa0_firmware | * | |
| siemens | 7kg8501-0aa31-0aa0 | - | |
| siemens | 7kg8501-0aa31-2aa0_firmware | * | |
| siemens | 7kg8501-0aa31-2aa0 | - | |
| siemens | 7kg8501-0aa32-0aa0_firmware | * | |
| siemens | 7kg8501-0aa32-0aa0 | - | |
| siemens | 7kg8501-0aa32-2aa0_firmware | * | |
| siemens | 7kg8501-0aa32-2aa0 | - | |
| siemens | 7kg8550-0aa00-0aa0_firmware | * | |
| siemens | 7kg8550-0aa00-0aa0 | - | |
| siemens | 7kg8550-0aa00-2aa0_firmware | * | |
| siemens | 7kg8550-0aa00-2aa0 | - | |
| siemens | 7kg8550-0aa10-0aa0_firmware | * | |
| siemens | 7kg8550-0aa10-0aa0 | - | |
| siemens | 7kg8550-0aa10-2aa0_firmware | * | |
| siemens | 7kg8550-0aa10-2aa0 | - | |
| siemens | 7kg8550-0aa30-0aa0_firmware | * | |
| siemens | 7kg8550-0aa30-0aa0 | - | |
| siemens | 7kg8550-0aa30-2aa0_firmware | * | |
| siemens | 7kg8550-0aa30-2aa0 | - | |
| siemens | 7kg8551-0aa01-0aa0_firmware | * | |
| siemens | 7kg8551-0aa01-0aa0 | - | |
| siemens | 7kg8551-0aa01-2aa0_firmware | * | |
| siemens | 7kg8551-0aa01-2aa0 | - | |
| siemens | 7kg8551-0aa02-0aa0_firmware | * | |
| siemens | 7kg8551-0aa02-0aa0 | - | |
| siemens | 7kg8551-0aa02-2aa0_firmware | * | |
| siemens | 7kg8551-0aa02-2aa0 | - | |
| siemens | 7kg8551-0aa11-0aa0_firmware | * | |
| siemens | 7kg8551-0aa11-0aa0 | - | |
| siemens | 7kg8551-0aa11-2aa0_firmware | * | |
| siemens | 7kg8551-0aa11-2aa0 | - | |
| siemens | 7kg8551-0aa12-0aa0_firmware | * | |
| siemens | 7kg8551-0aa12-0aa0 | - | |
| siemens | 7kg8551-0aa12-2aa0_firmware | * | |
| siemens | 7kg8551-0aa12-2aa0 | - | |
| siemens | 7kg8551-0aa31-0aa0_firmware | * | |
| siemens | 7kg8551-0aa31-0aa0 | - | |
| siemens | 7kg8551-0aa31-2aa0_firmware | * | |
| siemens | 7kg8551-0aa31-2aa0 | - | |
| siemens | 7kg8551-0aa32-0aa0_firmware | * | |
| siemens | 7kg8551-0aa32-0aa0 | - | |
| siemens | 7kg8551-0aa32-2aa0_firmware | * | |
| siemens | 7kg8551-0aa32-2aa0 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8500-0aa00-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29D23CC1-B5EA-4088-8552-6BD00DE6DABC",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8500-0aa00-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19E9E75A-266E-42F4-A978-1881CFB775D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8500-0aa00-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F46742A1-FEA3-46E8-A1E4-D8203F3C2CF8",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8500-0aa00-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0B7A11-AE03-4EDD-B446-CFAE7B83A405",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8500-0aa10-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4676DE8-BCA3-48AF-B90F-6F4331FDD77B",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8500-0aa10-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E8F3D9-37A0-4DFD-8131-1664893C2D64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8500-0aa10-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98F64393-39B7-49DE-8F50-73E7A5DBAB61",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8500-0aa10-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5450BA3D-61FE-46EA-AD56-D04D3809D23D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8500-0aa30-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5665988-B892-4C16-837A-DA5D1A1FD241",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8500-0aa30-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1C19C0-3092-4AB8-A131-3284D3CF0A00",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8500-0aa30-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A41D5D-D9CE-4436-92E1-87DFE46E703A",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8500-0aa30-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EC17FD2-8B3B-4331-A0E2-991A0C92E119",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa01-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F555FCD5-A377-4505-9EB9-83D1FC0BA005",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa01-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAA2339-0C00-4551-958E-76E34DF50F3E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa01-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "209B2BF5-0023-4F35-9E1A-5F271A026FA1",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa01-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC103BEB-FD72-4BCF-8450-8F753986284E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa02-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81CA2D85-1A58-42FB-BD06-F2E236808890",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa02-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94BB09DC-2493-4680-A718-847A9F3916C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa02-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D62E4F9-7230-496D-A00A-AB71EC9F56B6",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa02-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83646A62-58E8-47B3-A3E2-9052A223BA3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa11-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C748EAE-AFA9-4600-85CD-D5E1C4A2ABB4",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa11-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "835E6B3A-D357-478D-AC74-1FB0BF1FB48B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa11-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48DA971B-28EA-4443-B546-CE066DE5A611",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa11-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8905ED-8C17-42A3-BB22-95F572A2CD41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa12-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90528A32-4827-4A29-8E54-0DBCEF141183",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa12-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "513D4A78-6F4B-421F-BA56-40FF32E12692",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa12-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BECCF69-B791-4F97-94B6-150A52A22543",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa12-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81A0038B-F453-4530-A681-F37AADF797A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa31-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D9B433-4F5F-4C63-B16C-047186B726F5",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa31-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "624701F6-0F97-4A83-A329-38310EA7ABAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa31-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93845620-72CC-4C54-BF5C-9E9A9DD0439F",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa31-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B81F629C-DF39-43F0-AEB9-F66CFCB29E85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa32-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5178FF49-6E30-47D7-892F-1121288E7E8B",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa32-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED2A92F-04A9-46BC-B334-DB06F55614A7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8501-0aa32-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E21CE9-87D8-4D20-B343-48AF64E7049D",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8501-0aa32-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D80D60C5-AF37-4498-919E-CB6589286B3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8550-0aa00-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9DBF9D2-1C19-43F8-BFCA-1024BFC40DDE",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8550-0aa00-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D3C6DE9-9980-46E6-9468-F8167D5CF692",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8550-0aa00-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B02F4EC-85D5-442E-B71C-A9CA9C3854F6",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8550-0aa00-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C94271C-DAD2-4C53-A701-93A542A3B154",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8550-0aa10-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E24F48D-DC93-4126-8830-A7662AAA87CD",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8550-0aa10-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1E983D-BE5E-4D3C-AD00-3EFB6775AE80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8550-0aa10-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63C21B33-EC43-450A-8F33-0948DD07525B",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8550-0aa10-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF24A81-2063-4DAB-B6E4-2546042A553C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8550-0aa30-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A402337A-B4A8-4F8D-B826-2EE714864C01",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8550-0aa30-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15554D33-7C32-44E6-B16E-D0A5AC903E85",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8550-0aa30-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FE0DFE-B877-4E07-9A9C-8AC24259240F",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8550-0aa30-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34B32039-505A-4815-967B-D11F4D337CE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa01-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCF2749-986F-4735-96E8-749E625CAD6A",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa01-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74BAD6-218E-477C-B2C2-CE0E578A2400",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa01-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7558F27-235F-47B8-9D65-944BF1C92DDF",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa01-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE65771-9A0E-48AF-A9FE-4705698C8997",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa02-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEB551BB-4C46-4FA0-B9EF-C70583D02993",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa02-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9710DFFE-974F-4A82-9E85-3311D84A951F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa02-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1117B8F-7911-4B2E-A9DE-5F8D3FA0DFCF",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa02-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF385121-4F72-4EE3-9EC3-BC9B910E74BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa11-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF9E3B9-1DC8-4293-8D2C-9B5CF6F50E23",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa11-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71F882A2-DFFB-4A07-8F62-E52068EDCC35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa11-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83A63834-D7F7-4112-9C03-AF64EA254B35",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa11-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93C0DE4-4FE9-4C19-AD4A-805910DD9682",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa12-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9F3057-5918-4331-863A-46A4FA292F8E",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa12-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "949B5448-5CCA-45A4-8D6B-8FB70EF42A14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa12-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFF3159-7FCF-4ACC-B06A-EB6414E01307",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa12-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "634DEE3C-5BB9-446B-A0FD-95764C0B0461",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa31-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC81665F-2064-4F85-88BF-5A3F46178CBE",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa31-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "468D2956-6D5C-48C6-B0C9-868CC9DEA8D9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa31-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B302DC77-B1E2-46DF-8E6A-9F7CCBF6A899",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa31-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "274D904F-D09A-4038-97FE-464BBE97A93B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa32-0aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "976E3302-C339-4057-A0DD-EF40A9A501F4",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa32-0aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7923FD73-F2FA-4B60-A1E3-F7C4D586269B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:7kg8551-0aa32-2aa0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4EF031-920F-4F69-B25A-779ACA4046B8",
"versionEndExcluding": "3.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:7kg8551-0aa32-2aa0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D72FBA5B-E455-4E07-B39C-70AEE0C26EBF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SICAM T (All versions \u003c V3.0). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3. 00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3. 00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3. 00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3. 00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3. 00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3. 00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3. 00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00). Los dispositivos afectados usan un rango limitado para los desaf\u00edos que son env\u00edan durante una comunicaci\u00f3n desaf\u00edo-respuesta no cifrada. Un atacante no autenticado podr\u00eda capturar un par desaf\u00edo-respuesta v\u00e1lido generado por un usuario leg\u00edtimo, y solicitar la p\u00e1gina web repetidamente para esperar que vuelva a aparecer el mismo desaf\u00edo para el que sea conocida la respuesta correcta. Esto podr\u00eda permitir al atacante acceder a la interfaz de administraci\u00f3n del dispositivo"
}
],
"id": "CVE-2022-29878",
"lastModified": "2025-12-09T16:17:13.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2022-05-20T13:15:16.177",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-165073.html"
},
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-471761.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…