Search criteria

15 vulnerabilities found for 7kg9501-0aa31-2aa1_firmware by siemens

FKIE_CVE-2022-43546

Vulnerability from fkie_nvd - Published: 2022-11-08 11:15 - Updated: 2024-11-21 07:26
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfMitigation, Patch, Vendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfMitigation, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
Impacted products
Vendor Product Version
siemens 7kg9501-0aa01-2aa1_firmware *
siemens 7kg9501-0aa01-2aa1 -
siemens 7kg9501-0aa31-2aa1_firmware *
siemens 7kg9501-0aa31-2aa1 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "821380FC-8F3A-4437-94FF-FB95D9F187D0",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "275E9296-AACA-4F3B-B8FA-D52A59E729DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE155DF-AB9B-4A85-A845-AF1B51B05833",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC260D4F-53BD-433C-AE8F-FA2FA47BC921",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en la familia POWER METER SICAM Q200 (Todas las versiones \u0026lt; V2.70), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3. 10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10) , \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 ( Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3. 10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10) , \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10). \nLos dispositivos afectados no validan correctamente el par\u00e1metro EndTime en las solicitudes a la interfaz web en el puerto 443/tcp. Esto podr\u00eda permitir que un atacante remoto autenticado bloquee el dispositivo (seguido de un reinicio autom\u00e1tico) o ejecute c\u00f3digo arbitrario en el dispositivo."
    }
  ],
  "id": "CVE-2022-43546",
  "lastModified": "2024-11-21T07:26:45.323",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-08T11:15:12.127",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-43439

Vulnerability from fkie_nvd - Published: 2022-11-08 11:15 - Updated: 2025-12-09 16:17
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions < V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.10), SICAM T (All versions < V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-471761.html
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-570294.html
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-572005.html
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-887249.html
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfPatch, Vendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
Impacted products
Vendor Product Version
siemens 7kg9501-0aa01-2aa1_firmware *
siemens 7kg9501-0aa01-2aa1 -
siemens 7kg9501-0aa31-2aa1_firmware *
siemens 7kg9501-0aa31-2aa1 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "821380FC-8F3A-4437-94FF-FB95D9F187D0",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "275E9296-AACA-4F3B-B8FA-D52A59E729DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE155DF-AB9B-4A85-A845-AF1B51B05833",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC260D4F-53BD-433C-AE8F-FA2FA47BC921",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions \u003c V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions \u003c V3.10), SICAM T (All versions \u003c V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port  443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en la familia POWER METER SICAM Q200 (Todas las versiones \u0026lt; V2.70), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3. 10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10) , \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 ( Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10) , \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10). \nLos dispositivos afectados no validan correctamente el par\u00e1metro Idioma en las solicitudes a la interfaz web en el puerto 443/tcp. Esto podr\u00eda permitir que un atacante remoto autenticado bloquee el dispositivo (seguido de un reinicio autom\u00e1tico) o ejecute c\u00f3digo arbitrario en el dispositivo."
    }
  ],
  "id": "CVE-2022-43439",
  "lastModified": "2025-12-09T16:17:16.917",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-08T11:15:12.003",
  "references": [
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-471761.html"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-570294.html"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-572005.html"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-887249.html"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-43545

Vulnerability from fkie_nvd - Published: 2022-11-08 11:15 - Updated: 2024-11-21 07:26
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfMitigation, Patch, Vendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfMitigation, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
Impacted products
Vendor Product Version
siemens 7kg9501-0aa01-2aa1_firmware *
siemens 7kg9501-0aa01-2aa1 -
siemens 7kg9501-0aa31-2aa1_firmware *
siemens 7kg9501-0aa31-2aa1 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "821380FC-8F3A-4437-94FF-FB95D9F187D0",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "275E9296-AACA-4F3B-B8FA-D52A59E729DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE155DF-AB9B-4A85-A845-AF1B51B05833",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC260D4F-53BD-433C-AE8F-FA2FA47BC921",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en la familia POWER METER SICAM Q200 (Todas las versiones \u0026lt; V2.70), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (Todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3. 10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10) , \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P850 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 ( Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3. 10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10), \nSICAM P855 (todas las versiones \u0026lt; V3.10) , \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10), \nSICAM P855 (Todas las versiones \u0026lt; V3.10). \nLos dispositivos afectados no validan correctamente el par\u00e1metro RecordType en las solicitudes a la interfaz web en el puerto 443/tcp. Esto podr\u00eda permitir que un atacante remoto autenticado bloquee el dispositivo (seguido de un reinicio autom\u00e1tico) o ejecute c\u00f3digo arbitrario en el dispositivo."
    }
  ],
  "id": "CVE-2022-43545",
  "lastModified": "2024-11-21T07:26:45.123",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-08T11:15:12.067",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2022-43398

Vulnerability from fkie_nvd - Published: 2022-11-08 11:15 - Updated: 2024-11-21 07:26
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies. An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user's account through the activated session.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfMitigation, Patch, Vendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdfMitigation, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
Impacted products
Vendor Product Version
siemens 7kg9501-0aa01-2aa1_firmware *
siemens 7kg9501-0aa01-2aa1 -
siemens 7kg9501-0aa31-2aa1_firmware *
siemens 7kg9501-0aa31-2aa1 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "821380FC-8F3A-4437-94FF-FB95D9F187D0",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "275E9296-AACA-4F3B-B8FA-D52A59E729DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE155DF-AB9B-4A85-A845-AF1B51B05833",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC260D4F-53BD-433C-AE8F-FA2FA47BC921",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies.  An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user\u0027s account through the activated session."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en la familia POWER METER SICAM Q200 (Todas las versiones \u0026lt; V2.70). Los dispositivos afectados no renuevan la cookie de sesi\u00f3n despu\u00e9s de iniciar/cerrar sesi\u00f3n y tambi\u00e9n aceptan cookies de sesi\u00f3n definidas por el usuario. Un atacante podr\u00eda sobrescribir la cookie de sesi\u00f3n almacenada de un usuario. Despu\u00e9s de que la v\u00edctima inicia sesi\u00f3n, el atacante obtiene acceso a la cuenta del usuario a trav\u00e9s de la sesi\u00f3n activada."
    }
  ],
  "id": "CVE-2022-43398",
  "lastModified": "2024-11-21T07:26:24.183",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-08T11:15:11.940",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-384"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-384"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-44165

Vulnerability from fkie_nvd - Published: 2021-12-14 12:15 - Updated: 2024-11-21 06:30
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdfVendor Advisory
Impacted products
Vendor Product Version
siemens 7kg9501-0aa01-2aa1_firmware *
siemens 7kg9501-0aa01-2aa1 -
siemens 7kg9501-0aa31-0aa1_firmware *
siemens 7kg9501-0aa31-0aa1 -
siemens 7kg9501-0aa31-2aa1_firmware *
siemens 7kg9501-0aa31-2aa1 -
siemens 7kg9501-0aa01-0aa1_firmware *
siemens 7kg9501-0aa01-0aa1 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa01-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96EDF0C8-91BF-48C2-8FDC-C3AFBC8878D0",
              "versionEndExcluding": "2.41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa01-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "275E9296-AACA-4F3B-B8FA-D52A59E729DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa31-0aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B100E1D3-4D10-4066-9067-799076DD6643",
              "versionEndExcluding": "2.41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa31-0aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09F87C0-1A7D-43F6-A02F-D808C880FF74",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa31-2aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27616240-C04A-4F45-8A6D-B8044242CF5C",
              "versionEndExcluding": "2.41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa31-2aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC260D4F-53BD-433C-AE8F-FA2FA47BC921",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:7kg9501-0aa01-0aa1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0414B9-4EF2-4486-A2BA-926CD0A1D23A",
              "versionEndExcluding": "2.41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:7kg9501-0aa01-0aa1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "632E89F3-80E7-4E2F-A3D3-0A6183F4A444",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en POWER METER SICAM Q100 (Todas las versiones anteriores a V2.41), POWER METER SICAM Q100 (Todas las versiones anteriores a V2.41), POWER METER SICAM Q100 (Todas las versiones anteriores a V2.41), POWER METER SICAM Q100 (Todas las versiones anteriores a V2.41). El firmware afectado contiene una vulnerabilidad de desbordamiento de b\u00fafer en la aplicaci\u00f3n web que podr\u00eda permitir a un atacante remoto con privilegios de ingeniero o administrador realizar potencialmente una ejecuci\u00f3n de c\u00f3digo remota"
    }
  ],
  "id": "CVE-2021-44165",
  "lastModified": "2024-11-21T06:30:28.937",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-14T12:15:10.923",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    }
  ]
}

CVE-2022-43398 (GCVE-0-2022-43398)

Vulnerability from cvelistv5 ā€“ Published: 2022-11-08 00:00 ā€“ Updated: 2024-08-03 13:32
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies. An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user's account through the activated session.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:58.148Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies.  An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user\u0027s account through the activated session."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-384",
              "description": "CWE-384: Session Fixation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:57:13.900Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43398",
    "datePublished": "2022-11-08T00:00:00",
    "dateReserved": "2022-10-18T00:00:00",
    "dateUpdated": "2024-08-03T13:32:58.148Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-43545 (GCVE-0-2022-43545)

Vulnerability from cvelistv5 ā€“ Published: 2022-11-08 00:00 ā€“ Updated: 2024-08-03 13:32
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
Severity ?
9.9 (Critical)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.727Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:58:12.217Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43545",
    "datePublished": "2022-11-08T00:00:00",
    "dateReserved": "2022-10-20T00:00:00",
    "dateUpdated": "2024-08-03T13:32:59.727Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-43439 (GCVE-0-2022-43439)

Vulnerability from cvelistv5 ā€“ Published: 2022-11-08 00:00 ā€“ Updated: 2025-12-09 10:44
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions < V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.10), SICAM T (All versions < V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
Severity ?
9.9 (Critical)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: 0 , < V2.50 (custom)
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: 0 , < V2.50 (custom)
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: 0 , < V2.50 (custom)
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: 0 , < V2.50 (custom)
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM T Affected: 0 , < V3.0 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.174Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM T",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions \u003c V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions \u003c V3.10), SICAM T (All versions \u003c V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port  443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-09T10:44:06.193Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-572005.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-570294.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-887249.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-471761.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43439",
    "datePublished": "2022-11-08T00:00:00",
    "dateReserved": "2022-10-19T00:00:00",
    "dateUpdated": "2025-12-09T10:44:06.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-43546 (GCVE-0-2022-43546)

Vulnerability from cvelistv5 ā€“ Published: 2022-11-08 00:00 ā€“ Updated: 2024-10-21 16:08
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
Severity ?
9.9 (Critical)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_q100_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_q100_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.50",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_p850_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_p850_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_p855_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_p855_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43546",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T17:16:01.044378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-21T16:08:33.311Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:58:41.480Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43546",
    "datePublished": "2022-11-08T00:00:00",
    "dateReserved": "2022-10-20T00:00:00",
    "dateUpdated": "2024-10-21T16:08:33.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-44165 (GCVE-0-2021-44165)

Vulnerability from cvelistv5 ā€“ Published: 2021-12-14 12:06 ā€“ Updated: 2024-08-04 04:17
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.
Severity ?
No CVSS data available.
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: All versions < V2.41
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:17:24.538Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.41"
            }
          ]
        },
        {
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.41"
            }
          ]
        },
        {
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.41"
            }
          ]
        },
        {
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.41"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-14T12:06:52",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-44165",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "POWER METER SICAM Q100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.41"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "POWER METER SICAM Q100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.41"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "POWER METER SICAM Q100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.41"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "POWER METER SICAM Q100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.41"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121: Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-44165",
    "datePublished": "2021-12-14T12:06:52",
    "dateReserved": "2021-11-23T00:00:00",
    "dateUpdated": "2024-08-04T04:17:24.538Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-43398 (GCVE-0-2022-43398)

Vulnerability from nvd ā€“ Published: 2022-11-08 00:00 ā€“ Updated: 2024-08-03 13:32
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies. An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user's account through the activated session.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:58.148Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies.  An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user\u0027s account through the activated session."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-384",
              "description": "CWE-384: Session Fixation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:57:13.900Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43398",
    "datePublished": "2022-11-08T00:00:00",
    "dateReserved": "2022-10-18T00:00:00",
    "dateUpdated": "2024-08-03T13:32:58.148Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-43545 (GCVE-0-2022-43545)

Vulnerability from nvd ā€“ Published: 2022-11-08 00:00 ā€“ Updated: 2024-08-03 13:32
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
Severity ?
9.9 (Critical)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.727Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:58:12.217Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43545",
    "datePublished": "2022-11-08T00:00:00",
    "dateReserved": "2022-10-20T00:00:00",
    "dateUpdated": "2024-08-03T13:32:59.727Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-43439 (GCVE-0-2022-43439)

Vulnerability from nvd ā€“ Published: 2022-11-08 00:00 ā€“ Updated: 2025-12-09 10:44
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions < V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.10), SICAM T (All versions < V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
Severity ?
9.9 (Critical)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: 0 , < V2.50 (custom)
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: 0 , < V2.50 (custom)
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: 0 , < V2.50 (custom)
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: 0 , < V2.50 (custom)
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM T Affected: 0 , < V3.0 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.174Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM T",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions \u003c V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions \u003c V3.10), SICAM T (All versions \u003c V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port  443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-09T10:44:06.193Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-572005.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-570294.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-887249.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-471761.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43439",
    "datePublished": "2022-11-08T00:00:00",
    "dateReserved": "2022-10-19T00:00:00",
    "dateUpdated": "2025-12-09T10:44:06.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-43546 (GCVE-0-2022-43546)

Vulnerability from nvd ā€“ Published: 2022-11-08 00:00 ā€“ Updated: 2024-10-21 16:08
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.
Severity ?
9.9 (Critical)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens POWER METER SICAM Q100 Affected: All versions < V2.50
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P850 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
    Siemens SICAM P855 Affected: All versions < V3.10
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_q100_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_q100_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.50",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_p850_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_p850_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_p855_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_p855_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43546",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T17:16:01.044378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-21T16:08:33.311Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:58:41.480Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43546",
    "datePublished": "2022-11-08T00:00:00",
    "dateReserved": "2022-10-20T00:00:00",
    "dateUpdated": "2024-10-21T16:08:33.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-44165 (GCVE-0-2021-44165)

Vulnerability from nvd ā€“ Published: 2021-12-14 12:06 ā€“ Updated: 2024-08-04 04:17
VLAI?
Summary
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41), POWER METER SICAM Q100 (All versions < V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution.
Severity ?
No CVSS data available.
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
Vendor Product Version
Siemens POWER METER SICAM Q100 Affected: All versions < V2.41
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:17:24.538Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.41"
            }
          ]
        },
        {
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.41"
            }
          ]
        },
        {
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.41"
            }
          ]
        },
        {
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.41"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-14T12:06:52",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-44165",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "POWER METER SICAM Q100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.41"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "POWER METER SICAM Q100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.41"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "POWER METER SICAM Q100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.41"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "POWER METER SICAM Q100",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.41"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41), POWER METER SICAM Q100 (All versions \u003c V2.41). The affected firmware contains a buffer overflow vulnerability in the web application that could allow a remote attacker with engineer or admin priviliges to potentially perform remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121: Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-44165",
    "datePublished": "2021-12-14T12:06:52",
    "dateReserved": "2021-11-23T00:00:00",
    "dateUpdated": "2024-08-04T04:17:24.538Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}