Vulnerability-Lookup

CVE-2022-31766 (GCVE-0-2022-31766)

Vulnerability from cvelistv5 – Published: 2022-10-11 00:00 – Updated: 2025-04-21 13:48

Summary

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions >= V1.1.0 < V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.

Severity ?

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE

CWE-20 - Improper Input Validation

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/html/…

Impacted products

Vendor

Product

Version

Siemens

RUGGEDCOM RM1224 LTE(4G) EU

Affected: 0 , < V7.1.2 (custom)

Siemens	RUGGEDCOM RM1224 LTE(4G) NAM	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M804PB	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M812-1 ADSL-Router	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M812-1 ADSL-Router	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M816-1 ADSL-Router	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M816-1 ADSL-Router	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M826-2 SHDSL-Router	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M874-2	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M874-3	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M876-3	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M876-3 (ROK)	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M876-4	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M876-4 (EU)	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE M876-4 (NAM)	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE MUM853-1 (EU)	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE MUM856-1 (EU)	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE MUM856-1 (RoW)	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE S615 EEC LAN-Router	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE S615 LAN-Router	Affected: 0 , < V7.1.2 (custom)
Siemens	SCALANCE WAM763-1	Affected: V1.1.0 , < V3.0.0 (custom)
Siemens	SCALANCE WAM766-1	Affected: V1.1.0 , < V3.0.0 (custom)
Siemens	SCALANCE WAM766-1 (US)	Affected: V1.1.0 , < V3.0.0 (custom)
Siemens	SCALANCE WAM766-1 EEC	Affected: V1.1.0 , < V3.0.0 (custom)
Siemens	SCALANCE WAM766-1 EEC (US)	Affected: V1.1.0 , < V3.0.0 (custom)
Siemens	SCALANCE WUM763-1	Affected: V1.1.0 , < V3.0.0 (custom)
Siemens	SCALANCE WUM763-1	Affected: V1.1.0 , < V3.0.0 (custom)
Siemens	SCALANCE WUM766-1	Affected: V1.1.0 , < V3.0.0 (custom)
Siemens	SCALANCE WUM766-1 (USA)	Affected: V1.1.0 , < V3.0.0 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:26:01.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-31766",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-18T15:12:15.373311Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T13:48:28.967Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.1.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0.0",
              "status": "affected",
              "version": "V1.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions \u003e= V1.1.0 \u003c V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.\r\nThis could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-11T10:26:25.003Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-697140.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-31766",
    "datePublished": "2022-10-11T00:00:00.000Z",
    "dateReserved": "2022-05-27T00:00:00.000Z",
    "dateUpdated": "2025-04-21T13:48:28.967Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:26:01.135Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-31766\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-18T15:12:15.373311Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-18T15:12:17.642Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C\"}}], \"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM RM1224 LTE(4G) EU\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM RM1224 LTE(4G) NAM\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M804PB\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M812-1 ADSL-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M812-1 ADSL-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M816-1 ADSL-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M816-1 ADSL-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M826-2 SHDSL-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M874-2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M874-3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-3 (ROK)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-4\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-4 (EU)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE M876-4 (NAM)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM853-1 (EU)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM856-1 (EU)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE MUM856-1 (RoW)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE S615 EEC LAN-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE S615 LAN-Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"V7.1.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM763-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1 (US)\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1 EEC\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WAM766-1 EEC (US)\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM763-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM763-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM766-1\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SCALANCE WUM766-1 (USA)\", \"versions\": [{\"status\": \"affected\", \"version\": \"V1.1.0\", \"lessThan\": \"V3.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-697140.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions \u003e= V1.1.0 \u003c V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.\\r\\nThis could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"shortName\": \"siemens\", \"dateUpdated\": \"2025-02-11T10:26:25.003Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-31766\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-21T13:48:28.967Z\", \"dateReserved\": \"2022-05-27T00:00:00.000Z\", \"assignerOrgId\": \"cec7a2ec-15b4-4faf-bd53-b40f371f3a77\", \"datePublished\": \"2022-10-11T00:00:00.000Z\", \"assignerShortName\": \"siemens\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CVE-2022-31766

Vulnerability from fstec - Published: 11.10.2022

Title

Уязвимость микропрограммного обеспечения маршрутизаторов, точек доступа и роутеров Siemens, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость микропрограммного обеспечения маршрутизаторов, точек доступа и роутеров Siemens существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Vendor

Siemens AG

Software Name

RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router, SCALANCE M816-1 ADSL-Router, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3, SCALANCE M876-4, SCALANCE MUM853-1, SCALANCE MUM856-1, SCALANCE S615, SCALANCE WAM763-1, SCALANCE WAM766-1, SCALANCE WUM763-1, SCALANCE WUM766-1

Software Version

до 7.1.2 (RUGGEDCOM RM1224 LTE(4G) EU), до 7.1.2 (RUGGEDCOM RM1224 LTE(4G) NAM), до 7.1.2 (SCALANCE M804PB), до 7.1.2 (SCALANCE M812-1 ADSL-Router), до 7.1.2 (SCALANCE M816-1 ADSL-Router), до 7.1.2 (SCALANCE M826-2 SHDSL-Router), до 7.1.2 (SCALANCE M874-2), до 7.1.2 (SCALANCE M874-3), до 7.1.2 (SCALANCE M876-3), до 7.1.2 (SCALANCE M876-4), до 7.1.2 (SCALANCE MUM853-1), до 7.1.2 (SCALANCE MUM856-1), до 7.1.2 (SCALANCE S615), до 1.1.0 включительно (SCALANCE WAM763-1), до 1.1.0 включительно (SCALANCE WAM766-1), до 1.1.0 включительно (SCALANCE WUM763-1), до 1.1.0 включительно (SCALANCE WUM766-1)

Possible Mitigations

Использование рекомендаций: https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Siemens AG",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 7.1.2 (RUGGEDCOM RM1224 LTE(4G) EU), \u0434\u043e 7.1.2 (RUGGEDCOM RM1224 LTE(4G) NAM), \u0434\u043e 7.1.2 (SCALANCE M804PB), \u0434\u043e 7.1.2 (SCALANCE M812-1 ADSL-Router), \u0434\u043e 7.1.2 (SCALANCE M816-1 ADSL-Router), \u0434\u043e 7.1.2 (SCALANCE M826-2 SHDSL-Router), \u0434\u043e 7.1.2 (SCALANCE M874-2), \u0434\u043e 7.1.2 (SCALANCE M874-3), \u0434\u043e 7.1.2 (SCALANCE M876-3), \u0434\u043e 7.1.2 (SCALANCE M876-4), \u0434\u043e 7.1.2 (SCALANCE MUM853-1), \u0434\u043e 7.1.2 (SCALANCE MUM856-1), \u0434\u043e 7.1.2 (SCALANCE S615), \u0434\u043e 1.1.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (SCALANCE WAM763-1), \u0434\u043e 1.1.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (SCALANCE WAM766-1), \u0434\u043e 1.1.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (SCALANCE WUM763-1), \u0434\u043e 1.1.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (SCALANCE WUM766-1)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.10.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "07.11.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "07.11.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-06658",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-31766",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router, SCALANCE M816-1 ADSL-Router, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M876-3, SCALANCE M876-4, SCALANCE MUM853-1, SCALANCE MUM856-1, SCALANCE S615, SCALANCE WAM763-1, SCALANCE WAM766-1, SCALANCE WUM763-1, SCALANCE WUM766-1",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432, \u0442\u043e\u0447\u0435\u043a \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432 Siemens, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432, \u0442\u043e\u0447\u0435\u043a \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432 Siemens \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0410\u0421\u0423 \u0422\u041f",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}

FKIE_CVE-2022-31766

Vulnerability from fkie_nvd - Published: 2022-10-11 11:15 - Updated: 2025-04-10 20:26

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-697140.html	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ruggedcom_rm1224_firmware	*
siemens	ruggedcom_rm1224	-
siemens	scalance_m804pb_firmware	*
siemens	scalance_m804pb	-
siemens	scalance_m812-1_firmware	*
siemens	scalance_m812-1	-
siemens	scalance_m816-1_firmware	*
siemens	scalance_m816-1	-
siemens	scalance_m826-2_firmware	*
siemens	scalance_m826-2	-
siemens	scalance_m874-2_firmware	*
siemens	scalance_m874-2	-
siemens	scalance_m874-3_firmware	*
siemens	scalance_m874-3	-
siemens	scalance_m876-3_firmware	*
siemens	scalance_m876-3	-
siemens	scalance_m876-4_firmware	*
siemens	scalance_m876-4	-
siemens	scalance_mum853-1_firmware	*
siemens	scalance_mum853-1	-
siemens	scalance_mum856-1_firmware	*
siemens	scalance_mum856-1	-
siemens	scalance_s615_firmware	*
siemens	scalance_s615	-
siemens	scalance_wam763-1_firmware	*
siemens	scalance_wam763-1	-
siemens	scalance_wam766-1_firmware	*
siemens	scalance_wam766-1	-
siemens	scalance_wum763-1_firmware	*
siemens	scalance_wum763-1	-
siemens	scalance_wum766-1_firmware	*
siemens	scalance_wum766-1	-
siemens	scalance_wam766-1_firmware	*
siemens	scalance_wam766-1	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0929F4C-9E86-4716-817F-DFACA179B3A2",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "284DF779-D900-48B4-A177-7281CD445AB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE36E468-BED7-4F69-B96B-37475B898698",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A20C960-61EB-4C18-AD1B-A4D3D51D16C0",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31EAEF72-8B41-44E0-A33B-753AF85A3106",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07969DC2-4B5F-4E16-8537-2AF2ADCE2F6F",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5908438F-2575-46EB-AC96-5F33D018AFAC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED73587-12BD-4F94-BCFB-16AD60B1A973",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DBB2514-5AFC-44C8-B514-938AFBDB38BD",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4488D9A-7EFD-49BB-B981-82FEAA32C4A6",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3854542-6F44-4444-B610-8E7FE364CFF4",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B311B0-951A-49CF-9A46-8E01DE9A5079",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum853-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "424A24E1-78AF-4C83-B4BD-89D67E3A5A88",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum853-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F56875A-B2B3-471F-ADAC-574C55E1D86A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3B5A56-F9ED-44F8-A02D-246F83D160FF",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17BEBCAB-D640-4F6D-9579-4A54C76D80F8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4853998E-7671-4F78-BE2D-88D788686181",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wam763-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EF8DB32-D523-43A3-B787-D5D391820D37",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AAE316D-6BA6-4C3F-9EE1-E23E4CB6FD19",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33F8E91-AAAE-458A-8690-2B69894DE9B7",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA96B540-439B-4A1A-9D7D-C45AEFBC7BE6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wum763-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB951482-45DB-4224-BD14-DFB54362AE80",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C501445F-BDF6-4A0A-85FD-E6BFBF0A3C6F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wum766-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C84B33EE-C895-434B-AB8F-53D4B54D1D1F",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB15599-F795-4D24-A4A6-CD826F6A7A13",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:ecc:*",
              "matchCriteriaId": "57F1D7C6-7C13-4FFB-909C-B4B23A645F60",
              "versionStartIncluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:ecc:*",
              "matchCriteriaId": "8168477E-7D2E-4575-8864-9B4FD152CD61",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions \u003e= V1.1.0 \u003c V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions \u003e= V1.1.0 \u003c V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.\r\nThis could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (Todas las versiones anteriores a V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (Todas las versiones anteriores a V7.1.2), SCALANCE M804PB (Todas las versiones anteriores a V7.1. 2), SCALANCE M812-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1.2), SCALANCE M812-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M816-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1. 2), SCALANCE M816-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M826-2 SHDSL-Router (Todas las versiones anteriores a V7.1.2), SCALANCE M874-2 (Todas las versiones anteriores a V7.1.2), SCALANCE M874-3 (Todas las versiones anteriores a V7. 1.2), SCALANCE M876-3 (EVDO) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-3 (ROK) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (NAM) (Todas las versiones anteriores a V7. 1.2), SCALANCE MUM853-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (RoW) (Todas las versiones anteriores a V7.1.2), SCALANCE S615 (Todas las versiones anteriores a V7. 1.2), SCALANCE WAM763-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 6GHz (Todas las versiones  posteriores a V1.1. 0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC 6GHz (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM763-1 (Todas las versiones  posteriores a V1. 1.0 incluy\u00e9ndola), SCALANCE WUM763-1 (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 6GHz (Todas las versiones  posteriores a V1.1.0 incluy\u00e9ndola). Los dispositivos afectados con el servicio de eventos TCP activado no manejan apropiadamente los paquetes malformados. Esto podr\u00eda permitir a un atacante remoto no autenticado causar una denegaci\u00f3n de servicio y reiniciar el dispositivo, lo que podr\u00eda afectar a otros recursos de red"
    }
  ],
  "id": "CVE-2022-31766",
  "lastModified": "2025-04-10T20:26:39.307",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-11T11:15:09.810",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-697140.html"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2022-31766

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.

Aliases

CVE-2022-31766

Aliases

CVE-2022-31766

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-31766",
    "description": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.1.2), SCALANCE M804PB (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.1.2), SCALANCE M874-2 (All versions \u003c V7.1.2), SCALANCE M874-3 (All versions \u003c V7.1.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.1.2), SCALANCE S615 (All versions \u003c V7.1.2), SCALANCE WAM763-1 (All versions \u003e= V1.1.0), SCALANCE WAM766-1 (All versions \u003e= V1.1.0), SCALANCE WAM766-1 (All versions \u003e= V1.1.0), SCALANCE WAM766-1 6GHz (All versions \u003e= V1.1.0), SCALANCE WAM766-1 EEC (All versions \u003e= V1.1.0), SCALANCE WAM766-1 EEC (All versions \u003e= V1.1.0), SCALANCE WAM766-1 EEC 6GHz (All versions \u003e= V1.1.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0), SCALANCE WUM766-1 (All versions \u003e= V1.1.0), SCALANCE WUM766-1 (All versions \u003e= V1.1.0), SCALANCE WUM766-1 6GHz (All versions \u003e= V1.1.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service and reboot the device thus possibly affecting other network resources.",
    "id": "GSD-2022-31766"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-31766"
      ],
      "details": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.1.2), SCALANCE M804PB (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.1.2), SCALANCE M874-2 (All versions \u003c V7.1.2), SCALANCE M874-3 (All versions \u003c V7.1.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.1.2), SCALANCE M876-4 (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.1.2), SCALANCE S615 (All versions \u003c V7.1.2), SCALANCE S615 EEC (All versions \u003c V7.1.2), SCALANCE WAM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.",
      "id": "GSD-2022-31766",
      "modified": "2023-12-13T01:19:17.527037Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2022-31766",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "RUGGEDCOM RM1224 LTE(4G) EU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "RUGGEDCOM RM1224 LTE(4G) NAM",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M804PB",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M826-2 SHDSL-Router",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M874-2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M874-3",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-3 (EVDO)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-3 (ROK)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-4",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-4 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-4 (NAM)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE MUM853-1 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE MUM856-1 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE MUM856-1 (RoW)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE S615",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE S615 EEC",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.1.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM763-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM766-1 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM766-1 (US)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM766-1 EEC (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM766-1 EEC (US)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WUM763-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WUM766-1 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WUM766-1 (US)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V1.1.0 \u003c V2.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.1.2), SCALANCE M804PB (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.1.2), SCALANCE M874-2 (All versions \u003c V7.1.2), SCALANCE M874-3 (All versions \u003c V7.1.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.1.2), SCALANCE M876-4 (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.1.2), SCALANCE S615 (All versions \u003c V7.1.2), SCALANCE S615 EEC (All versions \u003c V7.1.2), SCALANCE WAM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-20",
                "lang": "eng",
                "value": "CWE-20: Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_mum853-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_mum853-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.1.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_wam763-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "1.1.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "1.1.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_wum763-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "1.1.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_wum766-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "1.1.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:ecc:*",
                    "cpe_name": [],
                    "versionStartIncluding": "1.1.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:ecc:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2022-31766"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.1.2), SCALANCE M804PB (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.1.2), SCALANCE M874-2 (All versions \u003c V7.1.2), SCALANCE M874-3 (All versions \u003c V7.1.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.1.2), SCALANCE M876-4 (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.1.2), SCALANCE S615 (All versions \u003c V7.1.2), SCALANCE S615 EEC (All versions \u003c V7.1.2), SCALANCE WAM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WAM766-1 EEC (US) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (EU) (All versions \u003e= V1.1.0 \u003c V2.0), SCALANCE WUM766-1 (US) (All versions \u003e= V1.1.0 \u003c V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2023-03-14T10:15Z",
      "publishedDate": "2022-10-11T11:15Z"
    }
  }
}

GHSA-GH7W-58G5-RMWX

Vulnerability from github – Published: 2022-10-11 12:00 – Updated: 2025-02-11 12:30

Details

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0), SCALANCE WAM766-1 (All versions >= V1.1.0), SCALANCE WAM766-1 (All versions >= V1.1.0), SCALANCE WAM766-1 6GHz (All versions >= V1.1.0), SCALANCE WAM766-1 EEC (All versions >= V1.1.0), SCALANCE WAM766-1 EEC (All versions >= V1.1.0), SCALANCE WAM766-1 EEC 6GHz (All versions >= V1.1.0), SCALANCE WUM763-1 (All versions >= V1.1.0), SCALANCE WUM763-1 (All versions >= V1.1.0), SCALANCE WUM766-1 (All versions >= V1.1.0), SCALANCE WUM766-1 (All versions >= V1.1.0), SCALANCE WUM766-1 6GHz (All versions >= V1.1.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service and reboot the device thus possibly affecting other network resources.

Severity ?

8.6 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-31766"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-11T11:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.1.2), SCALANCE M804PB (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.1.2), SCALANCE M874-2 (All versions \u003c V7.1.2), SCALANCE M874-3 (All versions \u003c V7.1.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.1.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.1.2), SCALANCE M876-4 (EU) (All versions \u003c V7.1.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.1.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.1.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.1.2), SCALANCE S615 (All versions \u003c V7.1.2), SCALANCE WAM763-1 (All versions \u003e= V1.1.0), SCALANCE WAM766-1 (All versions \u003e= V1.1.0), SCALANCE WAM766-1 (All versions \u003e= V1.1.0), SCALANCE WAM766-1 6GHz (All versions \u003e= V1.1.0), SCALANCE WAM766-1 EEC (All versions \u003e= V1.1.0), SCALANCE WAM766-1 EEC (All versions \u003e= V1.1.0), SCALANCE WAM766-1 EEC 6GHz (All versions \u003e= V1.1.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0), SCALANCE WUM763-1 (All versions \u003e= V1.1.0), SCALANCE WUM766-1 (All versions \u003e= V1.1.0), SCALANCE WUM766-1 (All versions \u003e= V1.1.0), SCALANCE WUM766-1 6GHz (All versions \u003e= V1.1.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service and reboot the device thus possibly affecting other network resources.",
  "id": "GHSA-gh7w-58g5-rmwx",
  "modified": "2025-02-11T12:30:52Z",
  "published": "2022-10-11T12:00:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31766"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-697140.html"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2022-AVI-897

Vulnerability from certfr_avis - Published: 2022-10-11 - Updated: 2022-10-11

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Siemens	N/A	Se référer aux bulletins de sécurité de l'éditeur (cf. section Documentation) pour la liste complète des systèmes affectés

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-31766 (GCVE-0-2022-31766)

CVE-2022-31766

FKIE_CVE-2022-31766

GSD-2022-31766

GHSA-GH7W-58G5-RMWX

CERTFR-2022-AVI-897

Solution

Tags

Sightings

Nomenclature