VDB

CISA-2022-46140

CISA-2022-46140 PUBLISHED CVSS 6.5 MEDIUM

Reported by siemens · Published December 13, 2022

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
SiemensRUGGEDCOM RM1224 LTE(4G) EU0
SiemensRUGGEDCOM RM1224 LTE(4G) NAM0
SiemensSCALANCE M804PB0
SiemensSCALANCE M812-1 ADSL-Router0
SiemensSCALANCE M812-1 ADSL-Router0
SiemensSCALANCE M816-1 ADSL-Router0
SiemensSCALANCE M816-1 ADSL-Router0
SiemensSCALANCE M826-2 SHDSL-Router0
SiemensSCALANCE M874-20
SiemensSCALANCE M874-30
SiemensSCALANCE M876-30
SiemensSCALANCE M876-3 (ROK)0
SiemensSCALANCE M876-40
SiemensSCALANCE M876-4 (EU)0
SiemensSCALANCE M876-4 (NAM)0
SiemensSCALANCE MUM853-1 (EU)0
SiemensSCALANCE MUM856-1 (EU)0
SiemensSCALANCE MUM856-1 (RoW)0
SiemensSCALANCE S615 EEC LAN-Router0
SiemensSCALANCE S615 LAN-Router0

…and 321 more

Timeline

  • Dec 13, 2022 CVE Published
  • Apr 21, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›