VDB
CISA-2022-36323
CISA-2022-36323
PUBLISHED
CVSS 9.1 CRITICAL
Reported by siemens · Published August 10, 2022
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.
Risk Scores
CVSS 3.1
9.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | RUGGEDCOM RM1224 LTE(4G) EU | All versions < V7.1.2 |
| Siemens | RUGGEDCOM RM1224 LTE(4G) NAM | All versions < V7.1.2 |
| Siemens | SCALANCE M804PB | All versions < V7.1.2 |
| Siemens | SCALANCE M812-1 ADSL-Router (Annex A) | All versions < V7.1.2 |
| Siemens | SCALANCE M812-1 ADSL-Router (Annex B) | All versions < V7.1.2 |
| Siemens | SCALANCE M816-1 ADSL-Router (Annex A) | All versions < V7.1.2 |
| Siemens | SCALANCE M816-1 ADSL-Router (Annex B) | All versions < V7.1.2 |
| Siemens | SCALANCE M826-2 SHDSL-Router | All versions < V7.1.2 |
| Siemens | SCALANCE M874-2 | All versions < V7.1.2 |
| Siemens | SCALANCE M874-3 | All versions < V7.1.2 |
| Siemens | SCALANCE M876-3 (EVDO) | All versions < V7.1.2 |
| Siemens | SCALANCE M876-3 (ROK) | All versions < V7.1.2 |
| Siemens | SCALANCE M876-4 (EU) | All versions < V7.1.2 |
| Siemens | SCALANCE M876-4 (NAM) | All versions < V7.1.2 |
| Siemens | SCALANCE MUM853-1 (EU) | All versions < V7.1.2 |
| Siemens | SCALANCE MUM856-1 (EU) | All versions < V7.1.2 |
| Siemens | SCALANCE MUM856-1 (RoW) | All versions < V7.1.2 |
| Siemens | SCALANCE S615 | All versions < V7.1.2 |
| Siemens | SCALANCE SC622-2C | All versions < V2.3.1 |
| Siemens | SCALANCE SC626-2C | All versions < V2.3.1 |
…and 319 more
Timeline
- Aug 10, 2022 CVE Published
- May 20, 2025 CVE Updated