Lucene search

SiemensCVE-2022-46144

HistoryDec 13, 2022 - 4:15 p.m.

CVE-2022-46144

2022-12-1316:15:25

CWE-664

siemens

web.nvd.nist.gov

cve-2022-46144

vulnerability

scalance

sc62x-2c

sc63x-2c

ssh

serial interface

nvd

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

46.7%

JSON

A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V2.3), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V2.3), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V2.3), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V2.3), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V2.3), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions), SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) (All versions), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions), SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) (All versions), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-2AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions), SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) (All versions), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions), SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) (All versions). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.

Affected configurations

Nvd

Node

siemens6gk5622-2gs00-2ac2Match-

AND

siemens6gk5622-2gs00-2ac2_firmwareRange2.3–3.0

Node

siemens6gk5626-2gs00-2ac2Match-

AND

siemens6gk5626-2gs00-2ac2_firmwareRange2.3–3.0

Node

siemens6gk5632-2gs00-2ac2Match-

AND

siemens6gk5632-2gs00-2ac2_firmwareRange2.3–3.0

Node

siemens6gk5636-2gs00-2ac2Match-

AND

siemens6gk5636-2gs00-2ac2_firmwareRange2.3–3.0

Node

siemens6gk5642-2gs00-2ac2Match-

AND

siemens6gk5642-2gs00-2ac2_firmwareRange2.3–3.0

Node

siemens6gk5646-2gs00-2ac2Match-

AND

siemens6gk5646-2gs00-2ac2_firmwareRange2.3–3.0

Node

siemens6gk5622-2gs00-2ac2Match-

AND

siemens6gk5622-2gs00-2ac2_firmwareRange<2.3

Node

siemens6gk5626-2gs00-2ac2Match-

AND

siemens6gk5626-2gs00-2ac2_firmwareRange<2.3

Node

siemens6gk5632-2gs00-2ac2_firmwareRange<2.3

AND

siemens6gk5632-2gs00-2ac2Match-

Node

siemens6gk5636-2gs00-2ac2_firmwareRange<2.3

AND

siemens6gk5636-2gs00-2ac2Match-

Node

siemens6gk5642-2gs00-2ac2_firmwareRange<2.3

AND

siemens6gk5642-2gs00-2ac2Match-

Node

siemens6gk5646-2gs00-2ac2_firmwareRange<2.3

AND

siemens6gk5646-2gs00-2ac2Match-

VendorProductVersionCPE
siemens6gk5622-2gs00-2ac2-cpe:2.3:h:siemens:6gk5622-2gs00-2ac2:-:*:*:*:*:*:*:*
siemens6gk5622-2gs00-2ac2_firmware*cpe:2.3:o:siemens:6gk5622-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*
siemens6gk5626-2gs00-2ac2-cpe:2.3:h:siemens:6gk5626-2gs00-2ac2:-:*:*:*:*:*:*:*
siemens6gk5626-2gs00-2ac2_firmware*cpe:2.3:o:siemens:6gk5626-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*
siemens6gk5632-2gs00-2ac2-cpe:2.3:h:siemens:6gk5632-2gs00-2ac2:-:*:*:*:*:*:*:*
siemens6gk5632-2gs00-2ac2_firmware*cpe:2.3:o:siemens:6gk5632-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*
siemens6gk5636-2gs00-2ac2-cpe:2.3:h:siemens:6gk5636-2gs00-2ac2:-:*:*:*:*:*:*:*
siemens6gk5636-2gs00-2ac2_firmware*cpe:2.3:o:siemens:6gk5636-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*
siemens6gk5642-2gs00-2ac2-cpe:2.3:h:siemens:6gk5642-2gs00-2ac2:-:*:*:*:*:*:*:*
siemens6gk5642-2gs00-2ac2_firmware*cpe:2.3:o:siemens:6gk5642-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
siemens	6gk5622-2gs00-2ac2	-	cpe:2.3:h:siemens:6gk5622-2gs00-2ac2:-:::::::*
siemens	6gk5622-2gs00-2ac2_firmware	*	cpe:2.3:o:siemens:6gk5622-2gs00-2ac2_firmware::::::::
siemens	6gk5626-2gs00-2ac2	-	cpe:2.3:h:siemens:6gk5626-2gs00-2ac2:-:::::::*
siemens	6gk5626-2gs00-2ac2_firmware	*	cpe:2.3:o:siemens:6gk5626-2gs00-2ac2_firmware::::::::
siemens	6gk5632-2gs00-2ac2	-	cpe:2.3:h:siemens:6gk5632-2gs00-2ac2:-:::::::*
siemens	6gk5632-2gs00-2ac2_firmware	*	cpe:2.3:o:siemens:6gk5632-2gs00-2ac2_firmware::::::::
siemens	6gk5636-2gs00-2ac2	-	cpe:2.3:h:siemens:6gk5636-2gs00-2ac2:-:::::::*
siemens	6gk5636-2gs00-2ac2_firmware	*	cpe:2.3:o:siemens:6gk5636-2gs00-2ac2_firmware::::::::
siemens	6gk5642-2gs00-2ac2	-	cpe:2.3:h:siemens:6gk5642-2gs00-2ac2:-:::::::*
siemens	6gk5642-2gs00-2ac2_firmware	*	cpe:2.3:o:siemens:6gk5642-2gs00-2ac2_firmware::::::::

Rows per page:

1-10 of 121

CNA Affected

[
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC622-2C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC622-2C",
    "versions": [
      {
        "status": "affected",
        "version": "V2.3",
        "lessThan": "V3.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC626-2C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC626-2C",
    "versions": [
      {
        "status": "affected",
        "version": "V2.3",
        "lessThan": "V3.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC632-2C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC632-2C",
    "versions": [
      {
        "status": "affected",
        "version": "V2.3",
        "lessThan": "V3.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC636-2C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC636-2C",
    "versions": [
      {
        "status": "affected",
        "version": "V2.3",
        "lessThan": "V3.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC642-2C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC642-2C",
    "versions": [
      {
        "status": "affected",
        "version": "V2.3",
        "lessThan": "V3.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC646-2C",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE SC646-2C",
    "versions": [
      {
        "status": "affected",
        "version": "V2.3",
        "lessThan": "V3.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAB762-1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM763-1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM763-1 (ME)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM763-1 (US)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM766-1 (EU)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM766-1 (ME)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM766-1 (US)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM766-1 EEC (EU)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM766-1 EEC (ME)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WAM766-1 EEC (US)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUB762-1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUB762-1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUM763-1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUM763-1",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUM763-1 (US)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUM763-1 (US)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUM766-1 (EU)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUM766-1 (ME)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE WUM766-1 (US)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

cert-portal.siemens.com/productcert/html/ssa-413565.html

cert-portal.siemens.com/productcert/html/ssa-690517.html

cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

46.7%

JSON

Related for CVE-2022-46144