Action not permitted
Modal body text goes here.
CVE-2022-34821
Vulnerability from cvelistv5
Published
2022-07-12 00:00
Modified
2024-08-03 09:22
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2), SCALANCE M804PB (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2), SCALANCE M874-2 (All versions < V7.2), SCALANCE M874-3 (All versions < V7.2), SCALANCE M876-3 (EVDO) (All versions < V7.2), SCALANCE M876-3 (ROK) (All versions < V7.2), SCALANCE M876-4 (All versions < V7.2), SCALANCE M876-4 (EU) (All versions < V7.2), SCALANCE M876-4 (NAM) (All versions < V7.2), SCALANCE MUM853-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2), SCALANCE S615 (All versions < V7.2), SCALANCE S615 EEC (All versions < V7.2), SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= V2.3 < V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:10.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router (Annex A)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router (Annex B)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router (Annex A)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router (Annex B)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (EVDO)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC622-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC622-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 \u003c V3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC626-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC626-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 \u003c V3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC632-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC632-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 \u003c V3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC636-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC636-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 \u003c V3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC642-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC642-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 \u003c V3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC646-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC646-2C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.3 \u003c V3.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 (US)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC (EU)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC (US)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1 (US)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.22"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.22"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T10:20:57.022Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-34821",
"datePublished": "2022-07-12T00:00:00",
"dateReserved": "2022-06-29T00:00:00",
"dateUpdated": "2024-08-03T09:22:10.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-34821\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2022-07-12T10:15:12.393\",\"lastModified\":\"2023-10-10T11:15:10.703\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en SIMATIC CP 1242-7 V2 (Todas las versiones anteriores a V3.3.46), SIMATIC CP 1243-1 (Todas las versiones anteriores a V3.3.46), SIMATIC CP 1243-7 LTE EU (Todas las versiones anteriores a V3.3.46), SIMATIC CP 1243-7 LTE US (Todas las versiones anteriores a V3. 3.46), SIMATIC CP 1243-8 IRC (Todas las versiones anteriores a V3.3.46), SIMATIC CP 1542SP-1 IRC (Todas las versiones posteriores o iguales a V2.0), SIMATIC CP 1543-1 (Todas las versiones anteriores a V3.0.22), SIMATIC CP 1543SP-1 (Todas las versiones posteriores o iguales a V2. 0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (Todas las versiones posteriores o iguales a V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (Todas las versiones posteriores o iguales a V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (Todas las versiones posteriores o iguales a V2. 0), SIPLUS NET CP 1242-7 V2 (Todas las versiones anteriores a V3.3.46), SIPLUS NET CP 1543-1 (Todas las versiones anteriores a V3.0.22), SIPLUS S7-1200 CP 1243-1 (Todas las versiones anteriores a V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (Todas las versiones anteriores a V3.3.46). Al inyectar c\u00f3digo a opciones de configuraci\u00f3n espec\u00edficas para OpenVPN, un atacante podr\u00eda ejecutar c\u00f3digo arbitrario con privilegios elevados\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.6,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.3},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"840C5C25-1E34-42FA-8221-7232622C204F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29D4C72C-4E84-4563-9D66-5C641AB996BA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE3D7928-8E1A-400E-B790-58D6F5938E3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA9BB25C-D5E3-43DE-8C73-06BDC43CA960\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93D43BC6-EDE3-4EE1-9410-4717EB641AD0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"651C66E8-B3C0-4E88-BC7C-30BF16A7F7A3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"786F3FFD-87E4-45B9-A33C-BAE58379FF39\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF9224A6-8A35-4F4F-951F-5B24B89E5FC8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2AA6B43-7FC7-465A-9CD8-E8A4D6DBCD27\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12A45F37-1E7D-4748-ADAC-EC4C454B693A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E362CEA5-F47B-4294-8F2D-A0A7AC6FF390\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"matchCriteriaId\":\"1674851A-D8DC-47C5-9D63-2F1082CE0366\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0.22\",\"matchCriteriaId\":\"BFC6ACFD-8893-4EA3-976B-FAAF7240C5DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FDE92FB-38C7-46E8-9208-BBD7872219D5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"matchCriteriaId\":\"78127221-D455-4145-9B84-A598A284D591\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"843A8686-5172-4782-BB97-B5D3C6FB27A3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"matchCriteriaId\":\"23C55242-F638-415E-B683-EE1484770105\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF3E5DDA-1BD4-4511-A2C8-4B5D40E6755E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"matchCriteriaId\":\"07505420-ADE4-4409-AFCC-45BCBC995543\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A60FC550-A518-46BF-9124-E21DD654981C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0\",\"matchCriteriaId\":\"C624BBC7-D8C5-4C2F-B56B-D59D55F013F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25634AD2-2CC0-45AF-B5DE-39D30CBA91A4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_net_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FE26E32-47C0-4976-A23A-07C1AE318C35\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"116E84DA-31F7-4AAC-A1AE-491C4C98BD49\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0.22\",\"matchCriteriaId\":\"43CDCCE3-B8C0-44D4-A8A0-25C49A4EA240\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_net_cp_1543-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D7AB0D5-FD3E-416A-975B-D212B3350433\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E700BF4C-64B1-455C-A6A6-3E4D71FB91B7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9E746CF-4009-4A14-8916-A9E0276CAF8B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B3C83EF-5D93-4F0B-80F9-997261F3DBA9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A294530-727C-4535-8B02-668DF74587D4\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf\",\"source\":\"productcert@siemens.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
icsa-22-349-04
Vulnerability from csaf_cisa
Published
2022-12-15 00:00
Modified
2022-12-15 00:00
Summary
Siemens Multiple Vulnerabilities in SCALANCE Products
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities would allow an attacker to execute arbitrary code with elevated privileges or retrieve user credentials and other sensitive information.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability these vulnerabilities. Specifically, users should:
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities would allow an attacker to execute arbitrary code with elevated privileges or retrieve user credentials and other sensitive information.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": " Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": " Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": " Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "external",
"summary": "SSA-413565: Multiple Vulnerabilities in SCALANCE Products - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-413565.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-349-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-349-04.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-349-04 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "SSA-413565: Multiple Vulnerabilities in SCALANCE Products - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-413565.html"
},
{
"category": "external",
"summary": "SSA-413565: Multiple Vulnerabilities in SCALANCE Products - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
},
{
"category": "external",
"summary": "SSA-413565: Multiple Vulnerabilities in SCALANCE Products - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-413565.txt"
}
],
"title": "Siemens Multiple Vulnerabilities in SCALANCE Products",
"tracking": {
"current_release_date": "2022-12-15T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-349-04",
"initial_release_date": "2022-12-15T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-12-15T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK6108-4AM00-2BA2"
]
}
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"model_numbers": [
"6GK6108-4AM00-2DA2"
]
}
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M804PB (6GK5804-0AP00-2AA2)",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"model_numbers": [
"6GK5804-0AP00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M804PB (6GK5804-0AP00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6GK5812-1AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"model_numbers": [
"6GK5812-1BA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2)",
"product_id": "CSAFPID-0006",
"product_identification_helper": {
"model_numbers": [
"6GK5816-1AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2)",
"product_id": "CSAFPID-0007",
"product_identification_helper": {
"model_numbers": [
"6GK5816-1BA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)",
"product_id": "CSAFPID-0008",
"product_identification_helper": {
"model_numbers": [
"6GK5826-2AB00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2)",
"product_id": "CSAFPID-0009",
"product_identification_helper": {
"model_numbers": [
"6GK5874-2AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M874-2 (6GK5874-2AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2)",
"product_id": "CSAFPID-00010",
"product_identification_helper": {
"model_numbers": [
"6GK5874-3AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M874-3 (6GK5874-3AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2)",
"product_id": "CSAFPID-00011",
"product_identification_helper": {
"model_numbers": [
"6GK5876-3AA02-2BA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)",
"product_id": "CSAFPID-00012",
"product_identification_helper": {
"model_numbers": [
"6GK5876-3AA02-2EA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M876-4 (6GK5876-4AA10-2BA2)",
"product_id": "CSAFPID-00013",
"product_identification_helper": {
"model_numbers": [
"6GK5876-4AA10-2BA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (6GK5876-4AA10-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)",
"product_id": "CSAFPID-00014",
"product_identification_helper": {
"model_numbers": [
"6GK5876-4AA00-2BA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)",
"product_id": "CSAFPID-00015",
"product_identification_helper": {
"model_numbers": [
"6GK5876-4AA00-2DA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)",
"product_id": "CSAFPID-00016",
"product_identification_helper": {
"model_numbers": [
"6GK5853-2EA00-2DA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)",
"product_id": "CSAFPID-00017",
"product_identification_helper": {
"model_numbers": [
"6GK5856-2EA00-3DA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)",
"product_id": "CSAFPID-00018",
"product_identification_helper": {
"model_numbers": [
"6GK5856-2EA00-3AA1"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE S615 (6GK5615-0AA00-2AA2)",
"product_id": "CSAFPID-00019",
"product_identification_helper": {
"model_numbers": [
"6GK5615-0AA00-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE S615 (6GK5615-0AA00-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV7.2",
"product": {
"name": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2)",
"product_id": "CSAFPID-00020",
"product_identification_helper": {
"model_numbers": [
"6GK5615-0AA01-2AA2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE S615 EEC (6GK5615-0AA01-2AA2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.3",
"product": {
"name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2)",
"product_id": "CSAFPID-00021",
"product_identification_helper": {
"model_numbers": [
"6GK5622-2GS00-2AC2"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003e=2.3\u003cV3.0",
"product": {
"name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2)",
"product_id": "CSAFPID-00022",
"product_identification_helper": {
"model_numbers": [
"6GK5622-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC622-2C (6GK5622-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.3",
"product": {
"name": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2)",
"product_id": "CSAFPID-00023",
"product_identification_helper": {
"model_numbers": [
"6GK5626-2GS00-2AC2"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003e=2.3\u003cV3.0",
"product": {
"name": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2)",
"product_id": "CSAFPID-00024",
"product_identification_helper": {
"model_numbers": [
"6GK5626-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC626-2C (6GK5626-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.3",
"product": {
"name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2)",
"product_id": "CSAFPID-00025",
"product_identification_helper": {
"model_numbers": [
"6GK5632-2GS00-2AC2"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003e=2.3\u003cV3.0",
"product": {
"name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2)",
"product_id": "CSAFPID-00026",
"product_identification_helper": {
"model_numbers": [
"6GK5632-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC632-2C (6GK5632-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.3",
"product": {
"name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2)",
"product_id": "CSAFPID-00027",
"product_identification_helper": {
"model_numbers": [
"6GK5636-2GS00-2AC2"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003e=2.3\u003cV3.0",
"product": {
"name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2)",
"product_id": "CSAFPID-00028",
"product_identification_helper": {
"model_numbers": [
"6GK5636-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC636-2C (6GK5636-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.3",
"product": {
"name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2)",
"product_id": "CSAFPID-00029",
"product_identification_helper": {
"model_numbers": [
"6GK5642-2GS00-2AC2"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003e=2.3\u003cV3.0",
"product": {
"name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2)",
"product_id": "CSAFPID-00030",
"product_identification_helper": {
"model_numbers": [
"6GK5642-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC642-2C (6GK5642-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.3",
"product": {
"name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2)",
"product_id": "CSAFPID-00031",
"product_identification_helper": {
"model_numbers": [
"6GK5646-2GS00-2AC2"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:all/\u003e=2.3\u003cV3.0",
"product": {
"name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2)",
"product_id": "CSAFPID-00032",
"product_identification_helper": {
"model_numbers": [
"6GK5646-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE SC646-2C (6GK5646-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)",
"product_id": "CSAFPID-00033",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GY01-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)",
"product_id": "CSAFPID-00034",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GY01-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)",
"product_id": "CSAFPID-00035",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1GY01-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)",
"product_id": "CSAFPID-00036",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GY01-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)",
"product_id": "CSAFPID-00037",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GY01-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)",
"product_id": "CSAFPID-00038",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2HY01-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)",
"product_id": "CSAFPID-00039",
"product_identification_helper": {
"model_numbers": [
"6GK5721-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)",
"product_id": "CSAFPID-00040",
"product_identification_helper": {
"model_numbers": [
"6GK5721-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)",
"product_id": "CSAFPID-00041",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)",
"product_id": "CSAFPID-00042",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)",
"product_id": "CSAFPID-00043",
"product_identification_helper": {
"model_numbers": [
"6GK5722-1FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W722-1 RJ45 (6GK5722-1FC00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)",
"product_id": "CSAFPID-00044",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)",
"product_id": "CSAFPID-00045",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)",
"product_id": "CSAFPID-00046",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (6GK5734-1FX00-0AA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)",
"product_id": "CSAFPID-00047",
"product_identification_helper": {
"model_numbers": [
"6GK5734-1FX00-0AB6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W734-1 RJ45 (USA) (6GK5734-1FX00-0AB6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)",
"product_id": "CSAFPID-00048",
"product_identification_helper": {
"model_numbers": [
"6GK5738-1GY00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)",
"product_id": "CSAFPID-00049",
"product_identification_helper": {
"model_numbers": [
"6GK5738-1GY00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W738-1 M12 (6GK5738-1GY00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)",
"product_id": "CSAFPID-00050",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)",
"product_id": "CSAFPID-00051",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 M12 (6GK5748-1GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)",
"product_id": "CSAFPID-00052",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)",
"product_id": "CSAFPID-00053",
"product_identification_helper": {
"model_numbers": [
"6GK5748-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W748-1 RJ45 (6GK5748-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)",
"product_id": "CSAFPID-00054",
"product_identification_helper": {
"model_numbers": [
"6GK5761-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)",
"product_id": "CSAFPID-00055",
"product_identification_helper": {
"model_numbers": [
"6GK5761-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W761-1 RJ45 (6GK5761-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)",
"product_id": "CSAFPID-00056",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FY00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)",
"product_id": "CSAFPID-00057",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FY00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 M12 EEC (6GK5774-1FY00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)",
"product_id": "CSAFPID-00058",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)",
"product_id": "CSAFPID-00059",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)",
"product_id": "CSAFPID-00060",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)",
"product_id": "CSAFPID-00061",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AA6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (6GK5774-1FX00-0AA6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)",
"product_id": "CSAFPID-00062",
"product_identification_helper": {
"model_numbers": [
"6GK5774-1FX00-0AB6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W774-1 RJ45 (USA) (6GK5774-1FX00-0AB6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)",
"product_id": "CSAFPID-00063",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)",
"product_id": "CSAFPID-00064",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 (6GK5778-1GY00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)",
"product_id": "CSAFPID-00065",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 EEC (6GK5778-1GY00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)",
"product_id": "CSAFPID-00066",
"product_identification_helper": {
"model_numbers": [
"6GK5778-1GY00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W778-1 M12 EEC (USA) (6GK5778-1GY00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)",
"product_id": "CSAFPID-00067",
"product_identification_helper": {
"model_numbers": [
"6GK5786-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)",
"product_id": "CSAFPID-00068",
"product_identification_helper": {
"model_numbers": [
"6GK5786-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-1 RJ45 (6GK5786-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)",
"product_id": "CSAFPID-00069",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)",
"product_id": "CSAFPID-00070",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)",
"product_id": "CSAFPID-00071",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 RJ45 (6GK5786-2FC00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)",
"product_id": "CSAFPID-00072",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FE00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)",
"product_id": "CSAFPID-00073",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2FE00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2 SFP (6GK5786-2FE00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)",
"product_id": "CSAFPID-00074",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2HC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)",
"product_id": "CSAFPID-00075",
"product_identification_helper": {
"model_numbers": [
"6GK5786-2HC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W786-2IA RJ45 (6GK5786-2HC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)",
"product_id": "CSAFPID-00076",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)",
"product_id": "CSAFPID-00077",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 M12 (6GK5788-1GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)",
"product_id": "CSAFPID-00078",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)",
"product_id": "CSAFPID-00079",
"product_identification_helper": {
"model_numbers": [
"6GK5788-1FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-1 RJ45 (6GK5788-1FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)",
"product_id": "CSAFPID-00080",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)",
"product_id": "CSAFPID-00081",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 (6GK5788-2GD00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)",
"product_id": "CSAFPID-00082",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)",
"product_id": "CSAFPID-00083",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)",
"product_id": "CSAFPID-00084",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2GD00-0TC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 M12 EEC (6GK5788-2GD00-0TC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)",
"product_id": "CSAFPID-00085",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)",
"product_id": "CSAFPID-00086",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)",
"product_id": "CSAFPID-00087",
"product_identification_helper": {
"model_numbers": [
"6GK5788-2FC00-0AC0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE W788-2 RJ45 (6GK5788-2FC00-0AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)",
"product_id": "CSAFPID-00088",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM763-1 (6GK5763-1AL00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0)",
"product_id": "CSAFPID-00089",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)",
"product_id": "CSAFPID-00090",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM766-1 6GHz (6GK5766-1JE00-7DA0)",
"product_id": "CSAFPID-00091",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1JE00-7DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 6GHz (6GK5766-1JE00-7DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0)",
"product_id": "CSAFPID-00092",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)",
"product_id": "CSAFPID-00093",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-7TB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WAM766-1 EEC 6GHz (6GK5766-1JE00-7TA0)",
"product_id": "CSAFPID-00094",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1JE00-7TA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WAM766-1 EEC 6GHz (6GK5766-1JE00-7TA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)",
"product_id": "CSAFPID-00095",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)",
"product_id": "CSAFPID-00096",
"product_identification_helper": {
"model_numbers": [
"6GK5763-1AL00-3AA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM763-1 (6GK5763-1AL00-3AA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0)",
"product_id": "CSAFPID-00097",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV2.0",
"product": {
"name": "SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0)",
"product_id": "CSAFPID-00098",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1GE00-3DB0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE WUM766-1 6GHz (6GK5766-1JE00-3DA0)",
"product_id": "CSAFPID-00099",
"product_identification_helper": {
"model_numbers": [
"6GK5766-1JE00-3DA0"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE WUM766-1 6GHz (6GK5766-1JE00-3DA0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2)",
"product_id": "CSAFPID-000100",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BB00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (SC, PN) (6GK5205-3BB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2)",
"product_id": "CSAFPID-000101",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BD00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BD00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2)",
"product_id": "CSAFPID-000102",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BB00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, E/IP) (6GK5205-3BB00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2)",
"product_id": "CSAFPID-000103",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BD00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3 (ST, PN) (6GK5205-3BD00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2)",
"product_id": "CSAFPID-000104",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BF00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3LD (SC, E/IP) (6GK5205-3BF00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2)",
"product_id": "CSAFPID-000105",
"product_identification_helper": {
"model_numbers": [
"6GK5205-3BF00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB205-3LD (SC, PN) (6GK5205-3BF00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2)",
"product_id": "CSAFPID-000106",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB208 (E/IP) (6GK5208-0BA00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2)",
"product_id": "CSAFPID-000107",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB208 (PN) (6GK5208-0BA00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2)",
"product_id": "CSAFPID-000108",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BD00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (SC, E/IP) (6GK5213-3BD00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2)",
"product_id": "CSAFPID-000109",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BD00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (SC, PN) (6GK5213-3BD00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2)",
"product_id": "CSAFPID-000110",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BB00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (ST, E/IP) (6GK5213-3BB00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2)",
"product_id": "CSAFPID-000111",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BB00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3 (ST, PN) (6GK5213-3BB00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2)",
"product_id": "CSAFPID-000112",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BF00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3LD (SC, E/IP) (6GK5213-3BF00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2)",
"product_id": "CSAFPID-000113",
"product_identification_helper": {
"model_numbers": [
"6GK5213-3BF00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB213-3LD (SC, PN) (6GK5213-3BF00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2)",
"product_id": "CSAFPID-000114",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2TB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB216 (E/IP) (6GK5216-0BA00-2TB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2)",
"product_id": "CSAFPID-000115",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2AB2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XB216 (PN) (6GK5216-0BA00-2AB2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2)",
"product_id": "CSAFPID-000116",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BD00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2 (SC) (6GK5206-2BD00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2)",
"product_id": "CSAFPID-000117",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BB00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2 (ST/BFOC) (6GK5206-2BB00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2)",
"product_id": "CSAFPID-000118",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE (6GK5206-2RS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2)",
"product_id": "CSAFPID-000119",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE (54 V DC) (6GK5206-2RS00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2)",
"product_id": "CSAFPID-000120",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2RS00-5FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2G PoE EEC (54 V DC) (6GK5206-2RS00-5FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2)",
"product_id": "CSAFPID-000121",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP (6GK5206-2BS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2)",
"product_id": "CSAFPID-000122",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2BS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP EEC (6GK5206-2BS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2)",
"product_id": "CSAFPID-000123",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G (6GK5206-2GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2)",
"product_id": "CSAFPID-000124",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G (EIP DEF.) (6GK5206-2GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2)",
"product_id": "CSAFPID-000125",
"product_identification_helper": {
"model_numbers": [
"6GK5206-2GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC206-2SFP G EEC (6GK5206-2GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC208 (6GK5208-0BA00-2AC2)",
"product_id": "CSAFPID-000126",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208 (6GK5208-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC208EEC (6GK5208-0BA00-2FC2)",
"product_id": "CSAFPID-000127",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0BA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208EEC (6GK5208-0BA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC208G (6GK5208-0GA00-2AC2)",
"product_id": "CSAFPID-000128",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G (6GK5208-0GA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2)",
"product_id": "CSAFPID-000129",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G (EIP def.) (6GK5208-0GA00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC208G EEC (6GK5208-0GA00-2FC2)",
"product_id": "CSAFPID-000130",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0GA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G EEC (6GK5208-0GA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC208G PoE (6GK5208-0RA00-2AC2)",
"product_id": "CSAFPID-000131",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0RA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G PoE (6GK5208-0RA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2)",
"product_id": "CSAFPID-000132",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0RA00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC208G PoE (54 V DC) (6GK5208-0RA00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC216 (6GK5216-0BA00-2AC2)",
"product_id": "CSAFPID-000133",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216 (6GK5216-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2)",
"product_id": "CSAFPID-000134",
"product_identification_helper": {
"model_numbers": [
"6GK5216-3RS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-3G PoE (6GK5216-3RS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2)",
"product_id": "CSAFPID-000135",
"product_identification_helper": {
"model_numbers": [
"6GK5216-3RS00-5AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-3G PoE (54 V DC) (6GK5216-3RS00-5AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC216-4C (6GK5216-4BS00-2AC2)",
"product_id": "CSAFPID-000136",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4BS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C (6GK5216-4BS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC216-4C G (6GK5216-4GS00-2AC2)",
"product_id": "CSAFPID-000137",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G (6GK5216-4GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2)",
"product_id": "CSAFPID-000138",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G (EIP Def.) (6GK5216-4GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2)",
"product_id": "CSAFPID-000139",
"product_identification_helper": {
"model_numbers": [
"6GK5216-4GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216-4C G EEC (6GK5216-4GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC216EEC (6GK5216-0BA00-2FC2)",
"product_id": "CSAFPID-000140",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0BA00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC216EEC (6GK5216-0BA00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC224 (6GK5224-0BA00-2AC2)",
"product_id": "CSAFPID-000141",
"product_identification_helper": {
"model_numbers": [
"6GK5224-0BA00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224 (6GK5224-0BA00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC224-4C G (6GK5224-4GS00-2AC2)",
"product_id": "CSAFPID-000142",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G (6GK5224-4GS00-2AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2)",
"product_id": "CSAFPID-000143",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2TC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G (EIP Def.) (6GK5224-4GS00-2TC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2)",
"product_id": "CSAFPID-000144",
"product_identification_helper": {
"model_numbers": [
"6GK5224-4GS00-2FC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XC224-4C G EEC (6GK5224-4GS00-2FC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XF204 (6GK5204-0BA00-2GF2)",
"product_id": "CSAFPID-000145",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2GF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204 (6GK5204-0BA00-2GF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XF204 DNA (6GK5204-0BA00-2YF2)",
"product_id": "CSAFPID-000146",
"product_identification_helper": {
"model_numbers": [
"6GK5204-0BA00-2YF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204 DNA (6GK5204-0BA00-2YF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XF204-2BA (6GK5204-2AA00-2GF2)",
"product_id": "CSAFPID-000147",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2AA00-2GF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204-2BA (6GK5204-2AA00-2GF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2)",
"product_id": "CSAFPID-000148",
"product_identification_helper": {
"model_numbers": [
"6GK5204-2AA00-2YF2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XF204-2BA DNA (6GK5204-2AA00-2YF2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XM408-4C (6GK5408-4GP00-2AM2)",
"product_id": "CSAFPID-000149",
"product_identification_helper": {
"model_numbers": [
"6GK5408-4GP00-2AM2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XM408-4C (6GK5408-4GP00-2AM2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2)",
"product_id": "CSAFPID-000150",
"product_identification_helper": {
"model_numbers": [
"6GK5408-4GQ00-2AM2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XM408-4C (L3 int.) (6GK5408-4GQ00-2AM2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XM408-8C (6GK5408-8GS00-2AM2)",
"product_id": "CSAFPID-000151",
"product_identification_helper": {
"model_numbers": [
"6GK5408-8GS00-2AM2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XM408-8C (6GK5408-8GS00-2AM2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2)",
"product_id": "CSAFPID-000152",
"product_identification_helper": {
"model_numbers": [
"6GK5408-8GR00-2AM2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XM408-8C (L3 int.) (6GK5408-8GR00-2AM2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XM416-4C (6GK5416-4GS00-2AM2)",
"product_id": "CSAFPID-000153",
"product_identification_helper": {
"model_numbers": [
"6GK5416-4GS00-2AM2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XM416-4C (6GK5416-4GS00-2AM2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2)",
"product_id": "CSAFPID-000154",
"product_identification_helper": {
"model_numbers": [
"6GK5416-4GR00-2AM2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XM416-4C (L3 int.) (6GK5416-4GR00-2AM2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XP208 (6GK5208-0HA00-2AS6)",
"product_id": "CSAFPID-000155",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2AS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208 (6GK5208-0HA00-2AS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6)",
"product_id": "CSAFPID-000156",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2TS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208 (Ethernet/IP) (6GK5208-0HA00-2TS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XP208EEC (6GK5208-0HA00-2ES6)",
"product_id": "CSAFPID-000157",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0HA00-2ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208EEC (6GK5208-0HA00-2ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6)",
"product_id": "CSAFPID-000158",
"product_identification_helper": {
"model_numbers": [
"6GK5208-0UA00-5ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP208PoE EEC (6GK5208-0UA00-5ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XP216 (6GK5216-0HA00-2AS6)",
"product_id": "CSAFPID-000159",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2AS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216 (6GK5216-0HA00-2AS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6)",
"product_id": "CSAFPID-000160",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2TS6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216 (Ethernet/IP) (6GK5216-0HA00-2TS6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XP216EEC (6GK5216-0HA00-2ES6)",
"product_id": "CSAFPID-000161",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0HA00-2ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216EEC (6GK5216-0HA00-2ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6)",
"product_id": "CSAFPID-000162",
"product_identification_helper": {
"model_numbers": [
"6GK5216-0UA00-5ES6"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XP216POE EEC (6GK5216-0UA00-5ES6)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3)",
"product_id": "CSAFPID-000163",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0BA00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324WG (24 x FE, AC 230V) (6GK5324-0BA00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3)",
"product_id": "CSAFPID-000164",
"product_identification_helper": {
"model_numbers": [
"6GK5324-0BA00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR324WG (24 X FE, DC 24V) (6GK5324-0BA00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3)",
"product_id": "CSAFPID-000165",
"product_identification_helper": {
"model_numbers": [
"6GK5326-2QS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-2C PoE WG (6GK5326-2QS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3)",
"product_id": "CSAFPID-000166",
"product_identification_helper": {
"model_numbers": [
"6GK5326-2QS00-3RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR326-2C PoE WG (without UL) (6GK5326-2QS00-3RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3)",
"product_id": "CSAFPID-000167",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) (6GK5328-4FS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3)",
"product_id": "CSAFPID-000168",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-2RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) (6GK5328-4FS00-2RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3)",
"product_id": "CSAFPID-000169",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3)",
"product_id": "CSAFPID-000170",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4FS00-3RR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) (6GK5328-4FS00-3RR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3)",
"product_id": "CSAFPID-000171",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4SS00-3AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (28xGE, AC 230V) (6GK5328-4SS00-3AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3)",
"product_id": "CSAFPID-000172",
"product_identification_helper": {
"model_numbers": [
"6GK5328-4SS00-2AR3"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR328-4C WG (28xGE, DC 24V) (6GK5328-4SS00-2AR3)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2)",
"product_id": "CSAFPID-000173",
"product_identification_helper": {
"model_numbers": [
"6GK5524-8GS00-3AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8C, 1x230V (6GK5524-8GS00-3AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2)",
"product_id": "CSAFPID-000174",
"product_identification_helper": {
"model_numbers": [
"6GK5524-8GR00-3AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8C, 1x230V (L3 int.) (6GK5524-8GR00-3AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2)",
"product_id": "CSAFPID-000175",
"product_identification_helper": {
"model_numbers": [
"6GK5524-8GS00-2AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8C, 24V (6GK5524-8GS00-2AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2)",
"product_id": "CSAFPID-000176",
"product_identification_helper": {
"model_numbers": [
"6GK5524-8GR00-2AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8C, 24V (L3 int.) (6GK5524-8GR00-2AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2)",
"product_id": "CSAFPID-000177",
"product_identification_helper": {
"model_numbers": [
"6GK5524-8GS00-4AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8C, 2x230V (6GK5524-8GS00-4AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2)",
"product_id": "CSAFPID-000178",
"product_identification_helper": {
"model_numbers": [
"6GK5524-8GR00-4AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR524-8C, 2x230V (L3 int.) (6GK5524-8GR00-4AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2)",
"product_id": "CSAFPID-000179",
"product_identification_helper": {
"model_numbers": [
"6GK5526-8GS00-3AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8C, 1x230V (6GK5526-8GS00-3AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2)",
"product_id": "CSAFPID-000180",
"product_identification_helper": {
"model_numbers": [
"6GK5526-8GR00-3AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8C, 1x230V (L3 int.) (6GK5526-8GR00-3AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2)",
"product_id": "CSAFPID-000181",
"product_identification_helper": {
"model_numbers": [
"6GK5526-8GS00-2AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8C, 24V (6GK5526-8GS00-2AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2)",
"product_id": "CSAFPID-000182",
"product_identification_helper": {
"model_numbers": [
"6GK5526-8GR00-2AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8C, 24V (L3 int.) (6GK5526-8GR00-2AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2)",
"product_id": "CSAFPID-000183",
"product_identification_helper": {
"model_numbers": [
"6GK5526-8GS00-4AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8C, 2x230V (6GK5526-8GS00-4AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2)",
"product_id": "CSAFPID-000184",
"product_identification_helper": {
"model_numbers": [
"6GK5526-8GR00-4AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR526-8C, 2x230V (L3 int.) (6GK5526-8GR00-4AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR528-6M (6GK5528-0AA00-2AR2)",
"product_id": "CSAFPID-000185",
"product_identification_helper": {
"model_numbers": [
"6GK5528-0AA00-2AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR528-6M (6GK5528-0AA00-2AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2)",
"product_id": "CSAFPID-000186",
"product_identification_helper": {
"model_numbers": [
"6GK5528-0AR00-2HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR528-6M (2HR2, L3 int.) (6GK5528-0AR00-2HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2)",
"product_id": "CSAFPID-000187",
"product_identification_helper": {
"model_numbers": [
"6GK5528-0AA00-2HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR528-6M (2HR2) (6GK5528-0AA00-2HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2)",
"product_id": "CSAFPID-000188",
"product_identification_helper": {
"model_numbers": [
"6GK5528-0AR00-2AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR528-6M (L3 int.) (6GK5528-0AR00-2AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR552-12M (6GK5552-0AA00-2AR2)",
"product_id": "CSAFPID-000189",
"product_identification_helper": {
"model_numbers": [
"6GK5552-0AA00-2AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR552-12M (6GK5552-0AA00-2AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2)",
"product_id": "CSAFPID-000190",
"product_identification_helper": {
"model_numbers": [
"6GK5552-0AR00-2AR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR552-12M (2HR2, L3 int.) (6GK5552-0AR00-2AR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2)",
"product_id": "CSAFPID-000191",
"product_identification_helper": {
"model_numbers": [
"6GK5552-0AA00-2HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR552-12M (2HR2) (6GK5552-0AA00-2HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV6.6",
"product": {
"name": "SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2)",
"product_id": "CSAFPID-000192",
"product_identification_helper": {
"model_numbers": [
"6GK5552-0AR00-2HR2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE XR552-12M (2HR2) (6GK5552-0AR00-2HR2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2)",
"product_id": "CSAFPID-000193",
"product_identification_helper": {
"model_numbers": [
"6AG1206-2BB00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC206-2 (6AG1206-2BB00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2)",
"product_id": "CSAFPID-000194",
"product_identification_helper": {
"model_numbers": [
"6AG1206-2BS00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC206-2SFP (6AG1206-2BS00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2)",
"product_id": "CSAFPID-000195",
"product_identification_helper": {
"model_numbers": [
"6AG1208-0BA00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC208 (6AG1208-0BA00-7AC2)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/\u003cV4.4",
"product": {
"name": "SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2)",
"product_id": "CSAFPID-000196",
"product_identification_helper": {
"model_numbers": [
"6AG1216-4BS00-7AC2"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET SCALANCE XC216-4C (6AG1216-4BS00-7AC2)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34821",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032"
]
},
"references": [
{
"category": "external",
"summary": "nvd.nist.gov",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34821"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V7.2 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817007/"
},
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"CSAFPID-00022",
"CSAFPID-00024",
"CSAFPID-00026",
"CSAFPID-00028",
"CSAFPID-00030",
"CSAFPID-00032"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814276/"
},
{
"category": "vendor_fix",
"details": "Update to V2.3 or later version",
"product_ids": [
"CSAFPID-00021",
"CSAFPID-00023",
"CSAFPID-00025",
"CSAFPID-00027",
"CSAFPID-00029",
"CSAFPID-00031"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805907/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032"
]
}
],
"title": "CVE-2022-34821"
},
{
"cve": "CVE-2022-46140",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"notes": [
{
"category": "summary",
"text": "Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00023",
"CSAFPID-00025",
"CSAFPID-00027",
"CSAFPID-00029",
"CSAFPID-00031",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
},
"references": [
{
"category": "external",
"summary": "nvd.nist.gov",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46140"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no fix is planned",
"product_ids": [
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00091",
"CSAFPID-00094",
"CSAFPID-00099",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109815650/"
},
{
"category": "vendor_fix",
"details": "Update to V4.4 or later version",
"product_ids": [
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817768/"
},
{
"category": "vendor_fix",
"details": "Update to V6.6 or later version",
"product_ids": [
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109818003/"
},
{
"category": "vendor_fix",
"details": "Update to V7.2 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817007/"
},
{
"category": "vendor_fix",
"details": "Update to V2.3 or later version",
"product_ids": [
"CSAFPID-00021",
"CSAFPID-00023",
"CSAFPID-00025",
"CSAFPID-00027",
"CSAFPID-00029",
"CSAFPID-00031"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805907/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00023",
"CSAFPID-00025",
"CSAFPID-00027",
"CSAFPID-00029",
"CSAFPID-00031",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00023",
"CSAFPID-00025",
"CSAFPID-00027",
"CSAFPID-00029",
"CSAFPID-00031",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
}
],
"title": "CVE-2022-46140"
},
{
"cve": "CVE-2022-46142",
"cwe": {
"id": "CWE-257",
"name": "Storing Passwords in a Recoverable Format"
},
"notes": [
{
"category": "summary",
"text": "Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
},
"references": [
{
"category": "external",
"summary": "nvd.nist.gov",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46142"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no fix is planned",
"product_ids": [
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00091",
"CSAFPID-00094",
"CSAFPID-00099",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109815650/"
},
{
"category": "vendor_fix",
"details": "Update to V4.4 or later version",
"product_ids": [
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817768/"
},
{
"category": "vendor_fix",
"details": "Update to V6.6 or later version",
"product_ids": [
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109818003/"
},
{
"category": "vendor_fix",
"details": "Update to V7.2 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817007/"
},
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"CSAFPID-00022",
"CSAFPID-00024",
"CSAFPID-00026",
"CSAFPID-00028",
"CSAFPID-00030",
"CSAFPID-00032"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814276/"
},
{
"category": "vendor_fix",
"details": "Update to V2.3 or later version",
"product_ids": [
"CSAFPID-00021",
"CSAFPID-00023",
"CSAFPID-00025",
"CSAFPID-00027",
"CSAFPID-00029",
"CSAFPID-00031"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805907/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
}
],
"title": "CVE-2022-46142"
},
{
"cve": "CVE-2022-46143",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
},
"references": [
{
"category": "external",
"summary": "nvd.nist.gov",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46143"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no fix is planned",
"product_ids": [
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00091",
"CSAFPID-00094",
"CSAFPID-00099",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109815650/"
},
{
"category": "vendor_fix",
"details": "Update to V4.4 or later version",
"product_ids": [
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817768/"
},
{
"category": "vendor_fix",
"details": "Update to V6.6 or later version",
"product_ids": [
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109818003/"
},
{
"category": "vendor_fix",
"details": "Update to V7.2 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817007/"
},
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"CSAFPID-00022",
"CSAFPID-00024",
"CSAFPID-00026",
"CSAFPID-00028",
"CSAFPID-00030",
"CSAFPID-00032"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814276/"
},
{
"category": "vendor_fix",
"details": "Update to V2.3 or later version",
"product_ids": [
"CSAFPID-00021",
"CSAFPID-00023",
"CSAFPID-00025",
"CSAFPID-00027",
"CSAFPID-00029",
"CSAFPID-00031"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805907/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015",
"CSAFPID-00016",
"CSAFPID-00017",
"CSAFPID-00018",
"CSAFPID-00019",
"CSAFPID-00020",
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032",
"CSAFPID-00034",
"CSAFPID-00033",
"CSAFPID-00035",
"CSAFPID-00036",
"CSAFPID-00037",
"CSAFPID-00038",
"CSAFPID-00039",
"CSAFPID-00040",
"CSAFPID-00041",
"CSAFPID-00042",
"CSAFPID-00043",
"CSAFPID-00044",
"CSAFPID-00046",
"CSAFPID-00045",
"CSAFPID-00047",
"CSAFPID-00048",
"CSAFPID-00049",
"CSAFPID-00050",
"CSAFPID-00051",
"CSAFPID-00052",
"CSAFPID-00053",
"CSAFPID-00054",
"CSAFPID-00055",
"CSAFPID-00056",
"CSAFPID-00057",
"CSAFPID-00058",
"CSAFPID-00061",
"CSAFPID-00059",
"CSAFPID-00060",
"CSAFPID-00062",
"CSAFPID-00063",
"CSAFPID-00064",
"CSAFPID-00065",
"CSAFPID-00066",
"CSAFPID-00067",
"CSAFPID-00068",
"CSAFPID-00069",
"CSAFPID-00070",
"CSAFPID-00071",
"CSAFPID-00072",
"CSAFPID-00073",
"CSAFPID-00074",
"CSAFPID-00075",
"CSAFPID-00076",
"CSAFPID-00077",
"CSAFPID-00078",
"CSAFPID-00079",
"CSAFPID-00080",
"CSAFPID-00081",
"CSAFPID-00082",
"CSAFPID-00083",
"CSAFPID-00084",
"CSAFPID-00085",
"CSAFPID-00086",
"CSAFPID-00087",
"CSAFPID-00088",
"CSAFPID-00089",
"CSAFPID-00090",
"CSAFPID-00091",
"CSAFPID-00092",
"CSAFPID-00093",
"CSAFPID-00094",
"CSAFPID-00096",
"CSAFPID-00095",
"CSAFPID-00097",
"CSAFPID-00098",
"CSAFPID-00099",
"CSAFPID-000100",
"CSAFPID-000102",
"CSAFPID-000101",
"CSAFPID-000103",
"CSAFPID-000104",
"CSAFPID-000105",
"CSAFPID-000106",
"CSAFPID-000107",
"CSAFPID-000108",
"CSAFPID-000109",
"CSAFPID-000110",
"CSAFPID-000111",
"CSAFPID-000112",
"CSAFPID-000113",
"CSAFPID-000114",
"CSAFPID-000115",
"CSAFPID-000116",
"CSAFPID-000117",
"CSAFPID-000118",
"CSAFPID-000119",
"CSAFPID-000120",
"CSAFPID-000121",
"CSAFPID-000122",
"CSAFPID-000123",
"CSAFPID-000124",
"CSAFPID-000125",
"CSAFPID-000126",
"CSAFPID-000127",
"CSAFPID-000128",
"CSAFPID-000129",
"CSAFPID-000130",
"CSAFPID-000131",
"CSAFPID-000132",
"CSAFPID-000133",
"CSAFPID-000134",
"CSAFPID-000135",
"CSAFPID-000136",
"CSAFPID-000137",
"CSAFPID-000138",
"CSAFPID-000139",
"CSAFPID-000140",
"CSAFPID-000141",
"CSAFPID-000142",
"CSAFPID-000143",
"CSAFPID-000144",
"CSAFPID-000145",
"CSAFPID-000146",
"CSAFPID-000147",
"CSAFPID-000148",
"CSAFPID-000149",
"CSAFPID-000150",
"CSAFPID-000151",
"CSAFPID-000152",
"CSAFPID-000153",
"CSAFPID-000154",
"CSAFPID-000155",
"CSAFPID-000156",
"CSAFPID-000157",
"CSAFPID-000158",
"CSAFPID-000159",
"CSAFPID-000160",
"CSAFPID-000161",
"CSAFPID-000162",
"CSAFPID-000163",
"CSAFPID-000164",
"CSAFPID-000165",
"CSAFPID-000166",
"CSAFPID-000167",
"CSAFPID-000168",
"CSAFPID-000169",
"CSAFPID-000170",
"CSAFPID-000171",
"CSAFPID-000172",
"CSAFPID-000173",
"CSAFPID-000174",
"CSAFPID-000175",
"CSAFPID-000176",
"CSAFPID-000177",
"CSAFPID-000178",
"CSAFPID-000179",
"CSAFPID-000180",
"CSAFPID-000181",
"CSAFPID-000182",
"CSAFPID-000183",
"CSAFPID-000184",
"CSAFPID-000185",
"CSAFPID-000186",
"CSAFPID-000187",
"CSAFPID-000188",
"CSAFPID-000189",
"CSAFPID-000190",
"CSAFPID-000191",
"CSAFPID-000192",
"CSAFPID-000193",
"CSAFPID-000194",
"CSAFPID-000195",
"CSAFPID-000196"
]
}
],
"title": "CVE-2022-46143"
},
{
"cve": "CVE-2022-46144",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"notes": [
{
"category": "summary",
"text": "Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032"
]
},
"references": [
{
"category": "external",
"summary": "nvd.nist.gov",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46144"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"CSAFPID-00022",
"CSAFPID-00024",
"CSAFPID-00026",
"CSAFPID-00028",
"CSAFPID-00030",
"CSAFPID-00032"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814276/"
},
{
"category": "vendor_fix",
"details": "Update to V2.3 or later version",
"product_ids": [
"CSAFPID-00021",
"CSAFPID-00023",
"CSAFPID-00025",
"CSAFPID-00027",
"CSAFPID-00029",
"CSAFPID-00031"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109805907/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-00021",
"CSAFPID-00022",
"CSAFPID-00023",
"CSAFPID-00024",
"CSAFPID-00025",
"CSAFPID-00026",
"CSAFPID-00027",
"CSAFPID-00028",
"CSAFPID-00029",
"CSAFPID-00030",
"CSAFPID-00031",
"CSAFPID-00032"
]
}
],
"title": "CVE-2022-46144"
}
]
}
icsa-22-195-12
Vulnerability from csaf_cisa
Published
2022-07-14 00:00
Modified
2022-08-11 00:00
Summary
Siemens SRCS VPN Feature in SIMATIC CP Devices
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
These vulnerabilities, if successfully exploited when authorized personnel are using the SINEMA Remote Connect Server (SRCS) VPN feature, could allow an attacker to execute arbitrary code with elevated privileges under certain circumstances.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability these vulnerabilities. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "These vulnerabilities, if successfully exploited when authorized personnel are using the SINEMA Remote Connect Server (SRCS) VPN feature, could allow an attacker to execute arbitrary code with elevated privileges under certain circumstances.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.\n",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "external",
"summary": "SSA-517377: Multiple Vulnerabilities in the SRCS VPN Feature in SIMATIC CP Devices - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-517377.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-195-12 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-195-12.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-195-12 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-195-12"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "SSA-517377: Multiple Vulnerabilities in the SRCS VPN Feature in SIMATIC CP Devices - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"category": "external",
"summary": "SSA-517377: Multiple Vulnerabilities in the SRCS VPN Feature in SIMATIC CP Devices - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-517377.txt"
}
],
"title": "Siemens SRCS VPN Feature in SIMATIC CP Devices",
"tracking": {
"current_release_date": "2022-08-11T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-195-12",
"initial_release_date": "2022-07-14T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-07-14T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Siemens SRCS VPN Feature in SIMATIC CP Devices (Update A)"
},
{
"date": "2022-08-11T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "Siemens SRCS VPN Feature in SIMATIC CP Devices (Update A)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.3.46",
"product": {
"name": "SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK7242-7KX31-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.3.46",
"product": {
"name": "SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)",
"product_id": "CSAFPID-0002",
"product_identification_helper": {
"model_numbers": [
"6GK7243-1BX30-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.3.46",
"product": {
"name": "SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)",
"product_id": "CSAFPID-0003",
"product_identification_helper": {
"model_numbers": [
"6GK7243-7KX30-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.3.46",
"product": {
"name": "SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"model_numbers": [
"6GK7243-7SX30-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.3.46",
"product": {
"name": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)",
"product_id": "CSAFPID-0005",
"product_identification_helper": {
"model_numbers": [
"6GK7243-8RX30-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= V2.0 \u003c V2.2.28",
"product": {
"name": "SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)",
"product_id": "CSAFPID-0006",
"product_identification_helper": {
"model_numbers": [
"6GK7542-6VX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.0.22",
"product": {
"name": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0)",
"product_id": "CSAFPID-0007",
"product_identification_helper": {
"model_numbers": [
"6GK7543-1AX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= V2.0 \u003c V2.2.28",
"product": {
"name": "SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)",
"product_id": "CSAFPID-0008",
"product_identification_helper": {
"model_numbers": [
"6GK7543-6WX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= V2.0 \u003c V2.2.28",
"product": {
"name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)",
"product_id": "CSAFPID-0009",
"product_identification_helper": {
"model_numbers": [
"6AG2542-6VX00-4XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= V2.0 \u003c V2.2.28",
"product": {
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)",
"product_id": "CSAFPID-00010",
"product_identification_helper": {
"model_numbers": [
"6AG1543-6WX00-7XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= V2.0 \u003c V2.2.28",
"product": {
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)",
"product_id": "CSAFPID-00011",
"product_identification_helper": {
"model_numbers": [
"6AG2543-6WX00-4XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.3.46",
"product": {
"name": "SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0)",
"product_id": "CSAFPID-00012",
"product_identification_helper": {
"model_numbers": [
"6AG1242-7KX31-7XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.0.22",
"product": {
"name": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0)",
"product_id": "CSAFPID-00013",
"product_identification_helper": {
"model_numbers": [
"6AG1543-1AX00-2XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.3.46",
"product": {
"name": "SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0)",
"product_id": "CSAFPID-00014",
"product_identification_helper": {
"model_numbers": [
"6AG1243-1BX30-2AX0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.3.46",
"product": {
"name": "SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)",
"product_id": "CSAFPID-00015",
"product_identification_helper": {
"model_numbers": [
"6AG2243-1BX30-1XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34819",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34819"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Make sure to configure the CP to only connect to trusted SINEMA Remote Connect Server instances",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.2.28 or later version",
"product_ids": [
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817067/"
},
{
"category": "vendor_fix",
"details": "Update to V3.3.46 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-00012",
"CSAFPID-00014",
"CSAFPID-00015"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109812218"
},
{
"category": "vendor_fix",
"details": "Update to V3.0.22 or later version",
"product_ids": [
"CSAFPID-0007",
"CSAFPID-00013"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109808678/"
},
{
"category": "workaround",
"details": "Block access to port 5243/udp e.g. with an external firewall if possible",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "workaround",
"details": "Disable the SINEMA Remote Connect Server (SRCS) VPN feature",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
}
],
"title": "CVE-2022-34819"
},
{
"cve": "CVE-2022-34820",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34820"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Make sure to configure the CP to only connect to trusted SINEMA Remote Connect Server instances",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.2.28 or later version",
"product_ids": [
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817067/"
},
{
"category": "vendor_fix",
"details": "Update to V3.3.46 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-00012",
"CSAFPID-00014",
"CSAFPID-00015"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109812218"
},
{
"category": "vendor_fix",
"details": "Update to V3.0.22 or later version",
"product_ids": [
"CSAFPID-0007",
"CSAFPID-00013"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109808678/"
},
{
"category": "workaround",
"details": "Block access to port 5243/udp e.g. with an external firewall if possible",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "workaround",
"details": "Disable the SINEMA Remote Connect Server (SRCS) VPN feature",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
}
],
"title": "CVE-2022-34820"
},
{
"cve": "CVE-2022-34821",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34821"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Make sure to configure the CP to only connect to trusted SINEMA Remote Connect Server instances",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.2.28 or later version",
"product_ids": [
"CSAFPID-0006",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109817067/"
},
{
"category": "vendor_fix",
"details": "Update to V3.3.46 or later version",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-00012",
"CSAFPID-00014",
"CSAFPID-00015"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109812218"
},
{
"category": "vendor_fix",
"details": "Update to V3.0.22 or later version",
"product_ids": [
"CSAFPID-0007",
"CSAFPID-00013"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109808678/"
},
{
"category": "workaround",
"details": "Block access to port 5243/udp e.g. with an external firewall if possible",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "workaround",
"details": "Disable the SINEMA Remote Connect Server (SRCS) VPN feature",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-00010",
"CSAFPID-00011",
"CSAFPID-00012",
"CSAFPID-00013",
"CSAFPID-00014",
"CSAFPID-00015"
]
}
],
"title": "CVE-2022-34821"
}
]
}
gsd-2022-34821
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2), SCALANCE M804PB (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2), SCALANCE M874-2 (All versions < V7.2), SCALANCE M874-3 (All versions < V7.2), SCALANCE M876-3 (EVDO) (All versions < V7.2), SCALANCE M876-3 (ROK) (All versions < V7.2), SCALANCE M876-4 (All versions < V7.2), SCALANCE M876-4 (EU) (All versions < V7.2), SCALANCE M876-4 (NAM) (All versions < V7.2), SCALANCE MUM853-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2), SCALANCE S615 (All versions < V7.2), SCALANCE S615 EEC (All versions < V7.2), SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= V2.3 < V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-34821",
"description": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.",
"id": "GSD-2022-34821"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-34821"
],
"details": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.",
"id": "GSD-2022-34821",
"modified": "2023-12-13T01:19:18.406631Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-34821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) EU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "RUGGEDCOM RM1224 LTE(4G) NAM",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M804PB",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M826-2 SHDSL-Router",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M874-2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M874-3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M876-3 (EVDO)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M876-3 (ROK)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M876-4",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (EU)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE M876-4 (NAM)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE MUM853-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE MUM856-1 (RoW)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE S615",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE S615 EEC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V7.2"
}
]
}
},
{
"product_name": "SCALANCE SC622-2C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V2.3"
},
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.3 \u003c V3.0"
}
]
}
},
{
"product_name": "SCALANCE SC626-2C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V2.3"
},
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.3 \u003c V3.0"
}
]
}
},
{
"product_name": "SCALANCE SC632-2C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V2.3"
},
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.3 \u003c V3.0"
}
]
}
},
{
"product_name": "SCALANCE SC636-2C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V2.3"
},
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.3 \u003c V3.0"
}
]
}
},
{
"product_name": "SCALANCE SC642-2C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V2.3"
},
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.3 \u003c V3.0"
}
]
}
},
{
"product_name": "SCALANCE SC646-2C",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V2.3"
},
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.3 \u003c V3.0"
}
]
}
},
{
"product_name": "SCALANCE WAM763-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 (US)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC (EU)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC (US)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE WUM763-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
},
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 (EU)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 (US)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC CP 1242-7 V2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.3.46"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.3.46"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-7 LTE EU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.3.46"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-7 LTE US",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.3.46"
}
]
}
},
{
"product_name": "SIMATIC CP 1243-8 IRC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.3.46"
}
]
}
},
{
"product_name": "SIMATIC CP 1542SP-1 IRC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
}
},
{
"product_name": "SIMATIC CP 1543-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.0.22"
}
]
}
},
{
"product_name": "SIMATIC CP 1543SP-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
}
},
{
"product_name": "SIPLUS NET CP 1242-7 V2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.3.46"
}
]
}
},
{
"product_name": "SIPLUS NET CP 1543-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.0.22"
}
]
}
},
{
"product_name": "SIPLUS S7-1200 CP 1243-1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.3.46"
}
]
}
},
{
"product_name": "SIPLUS S7-1200 CP 1243-1 RAIL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions \u003c V3.3.46"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges."
}
]
},
"impact": {
"cvss": [
{
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-94",
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_net_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_net_cp_1543-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-34821"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "N/A",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf",
"refsource": "CONFIRM",
"tags": [],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0
}
},
"lastModifiedDate": "2023-10-10T11:15Z",
"publishedDate": "2022-07-12T10:15Z"
}
}
}
var-202207-0621
Vulnerability from variot
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2), SCALANCE M804PB (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2), SCALANCE M874-2 (All versions < V7.2), SCALANCE M874-3 (All versions < V7.2), SCALANCE M876-3 (EVDO) (All versions < V7.2), SCALANCE M876-3 (ROK) (All versions < V7.2), SCALANCE M876-4 (All versions < V7.2), SCALANCE M876-4 (EU) (All versions < V7.2), SCALANCE M876-4 (NAM) (All versions < V7.2), SCALANCE MUM853-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2), SCALANCE S615 (All versions < V7.2), SCALANCE S615 EEC (All versions < V7.2), SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= V2.3 < V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges. The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect the SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or ST7 master via the SINAUT ST7 telecontrol protocol. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC communication processors connect the SIMATIC ET 200SP controllers to Ethernet. The SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security functions such as firewalls, virtual private networks (VPN) or support for other data encryption protocols. SIPLUSextreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware on which they are based
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-0621",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic cp 1542sp-1 irc",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic cp 1543sp-1",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-8 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "simatic cp 1243-7 lte us",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp lte eu",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp lte us",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-8"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c3.0.22"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c3.0.22"
},
{
"model": "siplus s7-1200 cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "siplus s7-1200 cp rail",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_net_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_net_cp_1543-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
}
],
"trust": 0.6
},
"cve": "CVE-2022-34821",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2022-51634",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2022-34821",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-34821",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2022-34821",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-51634",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-902",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-34821",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges. The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect the SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or ST7 master via the SINAUT ST7 telecontrol protocol. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC communication processors connect the SIMATIC ET 200SP controllers to Ethernet. The SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security functions such as firewalls, virtual private networks (VPN) or support for other data encryption protocols. SIPLUSextreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware on which they are based",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34821"
},
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-34821",
"trust": 2.3
},
{
"db": "SIEMENS",
"id": "SSA-517377",
"trust": 2.3
},
{
"db": "SIEMENS",
"id": "SSA-413565",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-22-195-12",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-51634",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-04",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022071333",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-34821",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"id": "VAR-202207-0621",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
}
],
"trust": 1.3424043555555556
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
}
]
},
"last_update_date": "2024-02-12T23:08:54.645000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens SIMATIC CP SRCS VPN Feature Code Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/339696"
},
{
"title": "Siemens SIMATIC Fixes for code injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=228948"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-517377.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022071333"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-04"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-cp-three-vulnerabilities-via-srcs-vpn-38784"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-34821/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-195-12"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/94.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-195-12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"date": "2022-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"date": "2022-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"date": "2022-07-12T10:15:12.393000",
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"date": "2023-10-10T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"date": "2023-03-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"date": "2023-10-10T11:15:10.703000",
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC CP SRCS VPN Feature Code Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
}
],
"trust": 0.6
}
}
ghsa-xx9f-xg2j-c647
Vulnerability from github
Published
2022-07-13 00:01
Modified
2022-07-16 00:00
Severity ?
Details
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.
{
"affected": [],
"aliases": [
"CVE-2022-34821"
],
"database_specific": {
"cwe_ids": [
"CWE-94"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-12T10:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.",
"id": "GHSA-xx9f-xg2j-c647",
"modified": "2022-07-16T00:00:21Z",
"published": "2022-07-13T00:01:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34821"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.