gsd - gsd-2022-34821

gsd-2022-34821

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2), SCALANCE M804PB (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2), SCALANCE M874-2 (All versions < V7.2), SCALANCE M874-3 (All versions < V7.2), SCALANCE M876-3 (EVDO) (All versions < V7.2), SCALANCE M876-3 (ROK) (All versions < V7.2), SCALANCE M876-4 (All versions < V7.2), SCALANCE M876-4 (EU) (All versions < V7.2), SCALANCE M876-4 (NAM) (All versions < V7.2), SCALANCE MUM853-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2), SCALANCE S615 (All versions < V7.2), SCALANCE S615 EEC (All versions < V7.2), SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= V2.3 < V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.

Aliases

CVE-2022-34821

Aliases

CVE-2022-34821

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-34821",
    "description": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.",
    "id": "GSD-2022-34821"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-34821"
      ],
      "details": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.",
      "id": "GSD-2022-34821",
      "modified": "2023-12-13T01:19:18.406631Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2022-34821",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "RUGGEDCOM RM1224 LTE(4G) EU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "RUGGEDCOM RM1224 LTE(4G) NAM",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M804PB",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M812-1 ADSL-Router (Annex A)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M812-1 ADSL-Router (Annex B)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M816-1 ADSL-Router (Annex A)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M816-1 ADSL-Router (Annex B)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M826-2 SHDSL-Router",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M874-2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M874-3",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-3 (EVDO)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-3 (ROK)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-4",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-4 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE M876-4 (NAM)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE MUM853-1 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE MUM856-1 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE MUM856-1 (RoW)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE S615",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE S615 EEC",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V7.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE SC622-2C",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.3 \u003c V3.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE SC626-2C",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.3 \u003c V3.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE SC632-2C",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.3 \u003c V3.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE SC636-2C",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.3 \u003c V3.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE SC642-2C",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.3 \u003c V3.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE SC646-2C",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.3 \u003c V3.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM763-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM766-1 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM766-1 (US)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM766-1 EEC (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WAM766-1 EEC (US)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WUM763-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WUM766-1 (EU)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SCALANCE WUM766-1 (US)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC CP 1242-7 V2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.3.46"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC CP 1243-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.3.46"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC CP 1243-7 LTE EU",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.3.46"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC CP 1243-7 LTE US",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.3.46"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC CP 1243-8 IRC",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.3.46"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC CP 1542SP-1 IRC",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC CP 1543-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.0.22"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC CP 1543SP-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003e= V2.0 \u003c V2.2.28"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIPLUS NET CP 1242-7 V2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.3.46"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIPLUS NET CP 1543-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.0.22"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIPLUS S7-1200 CP 1243-1",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.3.46"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIPLUS S7-1200 CP 1243-1 RAIL",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.3.46"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-94",
                "lang": "eng",
                "value": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1242-7_v2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "2.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.0.22",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "2.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp_1543sp-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "2.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "2.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionStartIncluding": "2.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:siplus_net_cp_1242-7_v2_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.0.22",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:siplus_net_cp_1543-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:siplus_s7-1200_cp_1243-1_rail_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2022-34821"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2023-10-10T11:15Z",
      "publishedDate": "2022-07-12T10:15Z"
    }
  }
}

cve-2022-34821

Vulnerability from cvelistv5

Published

2022-07-12 00:00

Modified

2024-08-03 09:22

Severity ?

7.6 (High) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

Summary

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf
	https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf

Impacted products

▼	Vendor	Product
	Siemens	RUGGEDCOM RM1224 LTE(4G) EU
	Siemens	RUGGEDCOM RM1224 LTE(4G) NAM
	Siemens	SCALANCE M804PB
	Siemens	SCALANCE M812-1 ADSL-Router (Annex A)
	Siemens	SCALANCE M812-1 ADSL-Router (Annex B)
	Siemens	SCALANCE M816-1 ADSL-Router (Annex A)
	Siemens	SCALANCE M816-1 ADSL-Router (Annex B)
	Siemens	SCALANCE M826-2 SHDSL-Router
	Siemens	SCALANCE M874-2
	Siemens	SCALANCE M874-3
	Siemens	SCALANCE M876-3 (EVDO)
	Siemens	SCALANCE M876-3 (ROK)
	Siemens	SCALANCE M876-4
	Siemens	SCALANCE M876-4 (EU)
	Siemens	SCALANCE M876-4 (NAM)
	Siemens	SCALANCE MUM853-1 (EU)
	Siemens	SCALANCE MUM856-1 (EU)
	Siemens	SCALANCE MUM856-1 (RoW)
	Siemens	SCALANCE S615
	Siemens	SCALANCE S615 EEC
	Siemens	SCALANCE SC622-2C
	Siemens	SCALANCE SC622-2C
	Siemens	SCALANCE SC626-2C
	Siemens	SCALANCE SC626-2C
	Siemens	SCALANCE SC632-2C
	Siemens	SCALANCE SC632-2C
	Siemens	SCALANCE SC636-2C
	Siemens	SCALANCE SC636-2C
	Siemens	SCALANCE SC642-2C
	Siemens	SCALANCE SC642-2C
	Siemens	SCALANCE SC646-2C
	Siemens	SCALANCE SC646-2C
	Siemens	SCALANCE WAM763-1
	Siemens	SCALANCE WAM766-1 (EU)
	Siemens	SCALANCE WAM766-1 (US)
	Siemens	SCALANCE WAM766-1 EEC (EU)
	Siemens	SCALANCE WAM766-1 EEC (US)
	Siemens	SCALANCE WUM763-1
	Siemens	SCALANCE WUM763-1
	Siemens	SCALANCE WUM766-1 (EU)
	Siemens	SCALANCE WUM766-1 (US)
	Siemens	SIMATIC CP 1242-7 V2
	Siemens	SIMATIC CP 1243-1
	Siemens	SIMATIC CP 1243-7 LTE EU
	Siemens	SIMATIC CP 1243-7 LTE US
	Siemens	SIMATIC CP 1243-8 IRC
	Siemens	SIMATIC CP 1542SP-1 IRC
	Siemens	SIMATIC CP 1543-1
	Siemens	SIMATIC CP 1543SP-1
	Siemens	SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL
	Siemens	SIPLUS ET 200SP CP 1543SP-1 ISEC
	Siemens	SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL
	Siemens	SIPLUS NET CP 1242-7 V2
	Siemens	SIPLUS NET CP 1543-1
	Siemens	SIPLUS S7-1200 CP 1243-1
	Siemens	SIPLUS S7-1200 CP 1243-1 RAIL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T09:22:10.733Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (EVDO)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE US",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0.22"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 1543-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0.22"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T10:20:57.022Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-34821",
    "datePublished": "2022-07-12T00:00:00",
    "dateReserved": "2022-06-29T00:00:00",
    "dateUpdated": "2024-08-03T09:22:10.733Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted