CVE-2022-25753
CVSS V2 Medium 6.5
CVSS V3 High 8.8
Description
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.
Overview
- CVE ID
- CVE-2022-25753
- Assigner
- productcert@siemens.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-04-12T09:15:14
- Last Modified Date
- 2022-04-19T18:11:33
Weakness Enumerations
CPE Configuration (Product)
CPE | Vulnerable | Operator | Version Start | Version End |
---|---|---|---|---|
AND | ||||
cpe:2.3:o:siemens:scalance_x302-7eec_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x302-7eec:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x304-2fe_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x304-2fe:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x306-1ldfe_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x306-1ldfe:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x307-2eec_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x307-2eec:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x307-3_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x307-3:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x307-3ld_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x307-3ld:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x308-2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x308-2:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x308-2ld_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x308-2ld:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x308-2lh_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x308-2lh:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x308-2lh\+_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x308-2lh\+:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x308-2m_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x308-2m:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x308-2m_poe_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
cpe:2.3:h:siemens:scalance_x308-2m_poe:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x308-2m_ts_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x308-2m_ts:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x310_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x310:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x310fe_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x310fe:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x320-1fe_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x320-1fe:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x320-1-2ldfe_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x320-1-2ldfe:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_x408-2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_x408-2:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_xr324-4m_eec_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_xr324-4m_eec:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_xr324-4m_poe_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_xr324-4m_poe:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_xr324-4m_poe_ts_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_xr324-4m_poe_ts:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_xr324-12m_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_xr324-12m:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:scalance_xr324-12m_ts_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:scalance_xr324-12m_ts:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:siemens:siplus_net_scalance_x308-2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 4.1.4 | |
cpe:2.3:h:siemens:siplus_net_scalance_x308-2:-:*:*:*:*:*:*:* | 0 | OR |
CVSS Version 2
- Version
- 2.0
- Vector String
- AV:N/AC:L/Au:S/C:P/I:P/A:P
- Access Vector
- NETWORK
- Access Compatibility
- LOW
- Authentication
- SINGLE
- Confidentiality Impact
- PARTIAL
- Integrity Impact
- PARTIAL
- Availability Impact
- PARTIAL
- Base Score
- 6.5
- Severity
- MEDIUM
- Exploitability Score
- 8
- Impact Score
- 6.4
CVSS Version 3
- Version
- 3.1
- Vector String
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Attack Vector
- NETWORK
- Attack Compatibility
- LOW
- Privileges Required
- LOW
- User Interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality Impact
- HIGH
- Availability Impact
- HIGH
- Base Score
- 8.8
- Base Severity
- HIGH
- Exploitability Score
- 2.8
- Impact Score
- 5.9
References
Reference URL | Reference Tags |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf | Mitigation Patch Vendor Advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-25753 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25753 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2022-04-20 17:01:35 | Added to TrackCVE |