icsa-22-104-09
Vulnerability from csaf_cisa
Published
2022-04-14 00:00
Modified
2022-04-14 00:00
Summary
Siemens SCALANCE X-300 Switches

Notes

CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to reboot, cause denial-of-service conditions, and impact the system by other means through buffer overflow vulnerabilities.
Critical infrastructure sectors
Multiple Sectors
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.



{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Michael Messner",
          "Abian Blome"
        ],
        "organization": "Siemens Energy",
        "summary": "coordinating the disclosure of CVE-2022-25751 and CVE-2022-25756 to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to reboot, cause denial-of-service conditions, and impact the system by other means through buffer overflow vulnerabilities.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Multiple Sectors",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SSA-836527: Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-836527.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-104-09 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-104-09.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-104-09 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-104-09"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "SSA-836527: Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf"
      },
      {
        "category": "external",
        "summary": "SSA-836527: Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-836527.txt"
      }
    ],
    "title": "Siemens SCALANCE X-300 Switches",
    "tracking": {
      "current_release_date": "2022-04-14T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-104-09",
      "initial_release_date": "2022-04-14T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-04-14T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-22-104-09 Siemens SCALANCE X-300 Switches"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X302-7 EEC (2x 24V)",
                  "product_id": "CSAFPID-0001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5302-7GD00-2EA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X302-7 EEC (2x 24V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X302-7 EEC (2x 24V, coated)",
                  "product_id": "CSAFPID-0002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5302-7GD00-2GA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X302-7 EEC (2x 24V, coated)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X302-7 EEC (2x 230V)",
                  "product_id": "CSAFPID-0003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5302-7GD00-4EA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X302-7 EEC (2x 230V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X302-7 EEC (2x 230V, coated)",
                  "product_id": "CSAFPID-0004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5302-7GD00-4GA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X302-7 EEC (2x 230V, coated)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X302-7 EEC (24V)",
                  "product_id": "CSAFPID-0005",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5302-7GD00-1EA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X302-7 EEC (24V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X302-7 EEC (24V, coated)",
                  "product_id": "CSAFPID-0006",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5302-7GD00-1GA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X302-7 EEC (24V, coated)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X302-7 EEC (230V)",
                  "product_id": "CSAFPID-0007",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5302-7GD00-3EA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X302-7 EEC (230V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X302-7 EEC (230V, coated)",
                  "product_id": "CSAFPID-0008",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5302-7GD00-3GA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X302-7 EEC (230V, coated)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X304-2FE",
                  "product_id": "CSAFPID-0009",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5304-2BD00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X304-2FE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X306-1LD FE",
                  "product_id": "CSAFPID-00010",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5306-1BF00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X306-1LD FE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-2 EEC (2x 24V)",
                  "product_id": "CSAFPID-00011",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-2FD00-2EA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-2 EEC (2x 24V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-2 EEC (2x 24V, coated)",
                  "product_id": "CSAFPID-00012",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-2FD00-2GA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-2 EEC (2x 24V, coated)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-2 EEC (2x 230V)",
                  "product_id": "CSAFPID-00013",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-2FD00-4EA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-2 EEC (2x 230V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-2 EEC (2x 230V, coated)",
                  "product_id": "CSAFPID-00014",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-2FD00-4GA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-2 EEC (2x 230V, coated)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-2 EEC (24V)",
                  "product_id": "CSAFPID-00015",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-2FD00-1EA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-2 EEC (24V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-2 EEC (24V, coated)",
                  "product_id": "CSAFPID-00016",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-2FD00-1GA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-2 EEC (24V, coated)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-2 EEC (230V)",
                  "product_id": "CSAFPID-00017",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-2FD00-3EA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-2 EEC (230V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-2 EEC (230V, coated)",
                  "product_id": "CSAFPID-00018",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-2FD00-3GA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-2 EEC (230V, coated)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-3",
                  "product_id": "CSAFPID-00019",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-3BL00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-3",
                  "product_id": "CSAFPID-00020",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-3BL10-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-3LD",
                  "product_id": "CSAFPID-00021",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-3BM00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-3LD"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X307-3LD",
                  "product_id": "CSAFPID-00022",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5307-3BM10-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X307-3LD"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2",
                  "product_id": "CSAFPID-00023",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2FL00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2",
                  "product_id": "CSAFPID-00024",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2FL10-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2LD",
                  "product_id": "CSAFPID-00025",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2FM00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2LD"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2LD",
                  "product_id": "CSAFPID-00026",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2FM10-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2LD"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2LH",
                  "product_id": "CSAFPID-00027",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2FN00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2LH"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2LH",
                  "product_id": "CSAFPID-00028",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2FN10-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2LH"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2LH+",
                  "product_id": "CSAFPID-00029",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2FP00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2LH+"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2LH+",
                  "product_id": "CSAFPID-00030",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2FP10-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2LH+"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2M",
                  "product_id": "CSAFPID-00031",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2GG00-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2M"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2M",
                  "product_id": "CSAFPID-00032",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2GG10-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2M"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2M PoE",
                  "product_id": "CSAFPID-00033",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2QG00-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2M PoE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2M PoE",
                  "product_id": "CSAFPID-00034",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2QG10-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2M PoE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2M TS",
                  "product_id": "CSAFPID-00035",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2GG00-2CA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2M TS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X308-2M TS",
                  "product_id": "CSAFPID-00036",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5308-2GG10-2CA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X308-2M TS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X310",
                  "product_id": "CSAFPID-00037",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5310-0FA00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X310"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X310",
                  "product_id": "CSAFPID-00038",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5310-0FA10-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X310"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X310FE",
                  "product_id": "CSAFPID-00039",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5310-0BA00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X310FE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X310FE",
                  "product_id": "CSAFPID-00040",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5310-0BA10-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X310FE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X320-1 FE",
                  "product_id": "CSAFPID-00041",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5320-1BD00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X320-1 FE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X320-1-2LD FE",
                  "product_id": "CSAFPID-00042",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5320-3BF00-2AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X320-1-2LD FE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE X408-2",
                  "product_id": "CSAFPID-00043",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5408-2FD00-2AA2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE X408-2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
                  "product_id": "CSAFPID-00044",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG00-2ER2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (2x 24V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
                  "product_id": "CSAFPID-00045",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG10-2ER2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (2x 24V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
                  "product_id": "CSAFPID-00046",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG00-2JR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
                  "product_id": "CSAFPID-00047",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG10-2JR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
                  "product_id": "CSAFPID-00048",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG00-4ER2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
                  "product_id": "CSAFPID-00049",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG10-4ER2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
                  "product_id": "CSAFPID-00050",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG00-4JR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
                  "product_id": "CSAFPID-00051",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG10-4JR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (24V, ports on front)",
                  "product_id": "CSAFPID-00052",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG00-1ER2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (24V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (24V, ports on front)",
                  "product_id": "CSAFPID-00053",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG10-1ER2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (24V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (24V, ports on rear)",
                  "product_id": "CSAFPID-00054",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG00-1JR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (24V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (24V, ports on rear)",
                  "product_id": "CSAFPID-00055",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG10-1JR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (24V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
                  "product_id": "CSAFPID-00056",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG00-3ER2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
                  "product_id": "CSAFPID-00057",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG10-3ER2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
                  "product_id": "CSAFPID-00058",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG00-3JR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
                  "product_id": "CSAFPID-00059",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4GG10-3JR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M PoE (24V, ports on front)",
                  "product_id": "CSAFPID-00060",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4QG00-1AR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M PoE (24V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M PoE (24V, ports on rear)",
                  "product_id": "CSAFPID-00061",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4QG00-1HR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M PoE (24V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M PoE (230V, ports on front)",
                  "product_id": "CSAFPID-00062",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4QG00-3AR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M PoE (230V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M PoE (230V, ports on rear)",
                  "product_id": "CSAFPID-00063",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4QG00-3HR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M PoE (230V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-4M PoE TS (24V, ports on front)",
                  "product_id": "CSAFPID-00064",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-4QG00-1CR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-4M PoE TS (24V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M (24V, ports on front)",
                  "product_id": "CSAFPID-00065",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG00-1AR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M (24V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M (24V, ports on front)",
                  "product_id": "CSAFPID-00066",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG10-1AR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M (24V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M (24V, ports on rear)",
                  "product_id": "CSAFPID-00067",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG00-1HR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M (24V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M (24V, ports on rear)",
                  "product_id": "CSAFPID-00068",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG10-1HR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M (24V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M (230V, ports on front)",
                  "product_id": "CSAFPID-00069",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG00-3AR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M (230V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M (230V, ports on front)",
                  "product_id": "CSAFPID-00070",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG10-3AR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M (230V, ports on front)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M (230V, ports on rear)",
                  "product_id": "CSAFPID-00071",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG00-3HR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M (230V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M (230V, ports on rear)",
                  "product_id": "CSAFPID-00072",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG10-3HR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M (230V, ports on rear)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M TS (24V)",
                  "product_id": "CSAFPID-00073",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG00-1CR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M TS (24V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SCALANCE XR324-12M TS (24V)",
                  "product_id": "CSAFPID-00074",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6GK5324-0GG10-1CR2"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE XR324-12M TS (24V)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V4.1.4",
                "product": {
                  "name": "SIPLUS NET SCALANCE X308-2",
                  "product_id": "CSAFPID-00075",
                  "product_identification_helper": {
                    "model_numbers": [
                      "6AG1308-2FL10-4AA3"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SIPLUS NET SCALANCE X308-2"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-25751",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Affected devices do not properly validate the HTTP headers of incoming requests. This could allow an unauthenticated remote attacker to crash affected devices.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-25751 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25751 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-25751.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25751"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-25751"
    },
    {
      "cve": "CVE-2022-25752",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-25752 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25752 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-25752.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25752"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-25752"
    },
    {
      "cve": "CVE-2022-25753",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-25753 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25753 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-25753.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25753"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-25753"
    },
    {
      "cve": "CVE-2022-25754",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The integrated web server of the affected device could allow remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-25754 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25754 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-25754.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25754"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-25754"
    },
    {
      "cve": "CVE-2022-25755",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The webserver of an affected device is missing specific security headers. This could allow an remote attacker to extract confidential session information under certain circumstances.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-25755 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25755 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-25755.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25755"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-25755"
    },
    {
      "cve": "CVE-2022-25756",
      "cwe": {
        "id": "CWE-80",
        "name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. This can be used by an attacker to trigger a malicious request on the affected device.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-25756 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-25756 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-25756.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-25756"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.9,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-25756"
    },
    {
      "cve": "CVE-2022-26334",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-26334 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26334 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-26334.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26334"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-26334"
    },
    {
      "cve": "CVE-2022-26335",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote attacker to crash affected devices.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-26335 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26335 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-26335.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26335"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-26335"
    },
    {
      "cve": "CVE-2022-26380",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Affected devices do not properly validate if a certain SNMP key exists. An attacker could use this to trigger a reboot of an affected device by requesting specific SNMP information from the device.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016",
          "CSAFPID-00017",
          "CSAFPID-00018",
          "CSAFPID-00019",
          "CSAFPID-00020",
          "CSAFPID-00021",
          "CSAFPID-00022",
          "CSAFPID-00023",
          "CSAFPID-00024",
          "CSAFPID-00025",
          "CSAFPID-00026",
          "CSAFPID-00027",
          "CSAFPID-00028",
          "CSAFPID-00029",
          "CSAFPID-00030",
          "CSAFPID-00031",
          "CSAFPID-00032",
          "CSAFPID-00033",
          "CSAFPID-00034",
          "CSAFPID-00035",
          "CSAFPID-00036",
          "CSAFPID-00037",
          "CSAFPID-00038",
          "CSAFPID-00039",
          "CSAFPID-00040",
          "CSAFPID-00041",
          "CSAFPID-00042",
          "CSAFPID-00043",
          "CSAFPID-00044",
          "CSAFPID-00045",
          "CSAFPID-00046",
          "CSAFPID-00047",
          "CSAFPID-00048",
          "CSAFPID-00049",
          "CSAFPID-00050",
          "CSAFPID-00051",
          "CSAFPID-00052",
          "CSAFPID-00053",
          "CSAFPID-00054",
          "CSAFPID-00055",
          "CSAFPID-00056",
          "CSAFPID-00057",
          "CSAFPID-00058",
          "CSAFPID-00059",
          "CSAFPID-00060",
          "CSAFPID-00061",
          "CSAFPID-00062",
          "CSAFPID-00063",
          "CSAFPID-00064",
          "CSAFPID-00065",
          "CSAFPID-00066",
          "CSAFPID-00067",
          "CSAFPID-00068",
          "CSAFPID-00069",
          "CSAFPID-00070",
          "CSAFPID-00071",
          "CSAFPID-00072",
          "CSAFPID-00073",
          "CSAFPID-00074",
          "CSAFPID-00075"
        ]
      },
      "references": [
        {
          "summary": "CVE-2022-26380 - SCALANCE X302-7 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X302-7 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X302-7 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X302-7 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X302-7 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X302-7 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X302-7 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X302-7 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X304-2FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X306-1LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-2 EEC (2x 24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-2 EEC (2x 24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-2 EEC (2x 230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-2 EEC (2x 230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-2 EEC (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-2 EEC (24V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-2 EEC (230V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-2 EEC (230V, coated)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-3",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X307-3LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2LD",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2LH",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2LH+",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2M",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2M PoE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X308-2M TS",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X310",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X310FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X320-1 FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X320-1-2LD FE",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE X408-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M PoE (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M PoE (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M PoE (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M PoE (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M (24V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M (24V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M (230V, ports on front)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M (230V, ports on rear)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SCALANCE XR324-12M TS (24V)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 - SIPLUS NET SCALANCE X308-2",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "summary": "CVE-2022-26380 Mitre 5.0 json",
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-26380.json"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26380"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to V4.1.4 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109808359/"
        },
        {
          "category": "workaround",
          "details": "Restrict access to the affected systems, especially to ports 22/tcp, 161/udp, and 443/tcp to trusted IP addresses only",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Disable SNMP service, if possible",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "workaround",
          "details": "Deactivate the webserver if not required, and if deactivation is supported by the product",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016",
            "CSAFPID-00017",
            "CSAFPID-00018",
            "CSAFPID-00019",
            "CSAFPID-00020",
            "CSAFPID-00021",
            "CSAFPID-00022",
            "CSAFPID-00023",
            "CSAFPID-00024",
            "CSAFPID-00025",
            "CSAFPID-00026",
            "CSAFPID-00027",
            "CSAFPID-00028",
            "CSAFPID-00029",
            "CSAFPID-00030",
            "CSAFPID-00031",
            "CSAFPID-00032",
            "CSAFPID-00033",
            "CSAFPID-00034",
            "CSAFPID-00035",
            "CSAFPID-00036",
            "CSAFPID-00037",
            "CSAFPID-00038",
            "CSAFPID-00039",
            "CSAFPID-00040",
            "CSAFPID-00041",
            "CSAFPID-00042",
            "CSAFPID-00043",
            "CSAFPID-00044",
            "CSAFPID-00045",
            "CSAFPID-00046",
            "CSAFPID-00047",
            "CSAFPID-00048",
            "CSAFPID-00049",
            "CSAFPID-00050",
            "CSAFPID-00051",
            "CSAFPID-00052",
            "CSAFPID-00053",
            "CSAFPID-00054",
            "CSAFPID-00055",
            "CSAFPID-00056",
            "CSAFPID-00057",
            "CSAFPID-00058",
            "CSAFPID-00059",
            "CSAFPID-00060",
            "CSAFPID-00061",
            "CSAFPID-00062",
            "CSAFPID-00063",
            "CSAFPID-00064",
            "CSAFPID-00065",
            "CSAFPID-00066",
            "CSAFPID-00067",
            "CSAFPID-00068",
            "CSAFPID-00069",
            "CSAFPID-00070",
            "CSAFPID-00071",
            "CSAFPID-00072",
            "CSAFPID-00073",
            "CSAFPID-00074",
            "CSAFPID-00075"
          ]
        }
      ],
      "title": "CVE-2022-26380"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.