VDB
SSA-558014
SSA-558014
PUBLISHED
CVSS 7.5 HIGH
Multiple vulnerabilities in the third-party components cURL, BusyBox, libtirpc, Expat as well as in the Linux Kernel could allow an attacker to impact the SCALANCE XCM332 device's confidentiality, integrity and availability. Siemens has released an update for the SCALANCE XCM332 and recommends to update to the latest version.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SCALANCE XCM332 (6GK5332-0GA01-2AC2) |
Exploit Intelligence
- https://cert-portal.siemens.com/productcert/html/ssa-558014.html (circl)
- https://cert-portal.siemens.com/productcert/csaf/ssa-558014.json (circl)
- https://cert-portal.siemens.com/productcert/pdf/ssa-558014.pdf (circl)
- https://cert-portal.siemens.com/productcert/txt/ssa-558014.txt (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109817513/ (circl)
Timeline
- CVE Published
References
- https://cert-portal.siemens.com/productcert/html/ssa-558014.html advisory
- https://cert-portal.siemens.com/productcert/csaf/ssa-558014.json advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-558014.pdf advisory
- https://cert-portal.siemens.com/productcert/txt/ssa-558014.txt advisory
- https://support.industry.siemens.com/cs/ww/en/view/109817513/ fix