CVE-2022-43722 — Vulnetix

CVE-2022-43722 PUBLISHED

Es existiert eine Schwachstelle in Siemens SICAM PAS/PQS. Aufgrund einer ungenügenden Absicherung eines Ordners, der Bibliotheksdateien enthält, kann ein lokaler Angreifer beliebige bösartige DLL Dateien in diesem Ordner ablegen. In der Folge kann er beliebigen Code mit SYSTEM-Rechten zur Ausführung bringen.

EPSS 0.06% · 17.8th percentile

Risk Scores

EPSS Score

0.06%

17.8th percentile

Affected Products

Vendor	Product	Versions
Siemens	Siemens SICAM PAS/PQS < V8.06

Exploit Intelligence

Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)

…and 536 more exploits

Timeline

Oct 2, 2020 PoC Published
Nov 6, 2020 PoC Published
Sep 6, 2021 PoC Published
Dec 13, 2022 CVE Published
Dec 14, 2022 EPSS Score
Jan 25, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 8, 2023 EPSS Score
Apr 18, 2023 EPSS Score
May 30, 2023 EPSS Score
Jul 11, 2023 EPSS Score
Aug 22, 2023 EPSS Score

References

Open in Interactive Console →