Lucene search
SiemensCVELIST:CVE-2022-33138HistoryJul 12, 2022 - 10:06 a.m.
CVE-2022-33138
2022-07-1210:06:46
CWE-306
siemens
www.cve.org
1
A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device.
CNA Affected
[
{
"product": "SIMATIC MV540 H",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.3"
}
]
},
{
"product": "SIMATIC MV540 S",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.3"
}
]
},
{
"product": "SIMATIC MV550 H",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.3"
}
]
},
{
"product": "SIMATIC MV550 S",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.3"
}
]
},
{
"product": "SIMATIC MV560 U",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.3"
}
]
},
{
"product": "SIMATIC MV560 X",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions < V3.3"
}
]
}
]Related
prion
prion
Authentication flaw
2022-07-12 10:15:00
nvd
nvd
CVE-2022-33138
2022-07-12 10:15:10
cve
cve
CVE-2022-33138
2022-07-12 10:15:10
ics
ics
Siemens SIMATIC MV500 Devices
2022-07-14 12:00:00