Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2022-26649

Published: 12/07/2022 Updated: 11/04/2023
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.6 | Impact Score: 6 | Exploitability Score: 2.8
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Siemens

Vulnerability Summary

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the URI of incoming HTTP GET requests. This could allow an unauthenticated remote malicious user to crash affected devices.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens scalance_x204-2_firmware

siemens scalance_x204-2fm_firmware

siemens scalance_x204-2ld_firmware

siemens scalance_x204-2ld_ts_firmware

siemens scalance_x204-2ts_firmware

siemens scalance_x206-1_firmware

siemens scalance_x206-1ld_firmware

siemens scalance_x208_firmware

siemens scalance_x208_pro_firmware

siemens scalance_x212-2_firmware

siemens scalance_x212-2ld_firmware

siemens scalance_x216_firmware

siemens scalance_x224_firmware

siemens scalance_xf204_firmware

siemens scalance_xf204-2_firmware

siemens scalance_xf206-1_firmware

siemens scalance_xf208_firmware

siemens scalance_x200-4p_irt_firmware

siemens scalance_x201-3p_irt_firmware

siemens scalance_x201-3p_irt_pro_firmware

siemens scalance_x202-2irt_firmware

siemens scalance_x202-2p_irt_firmware

siemens scalance_x202-2p_irt_pro_firmware

siemens scalance_x204irt_firmware

siemens scalance_x204irt_pro_firmware

siemens scalance_xf201-3p_irt_firmware

siemens scalance_xf202-2p_irt_firmware

siemens scalance_xf204-2ba_irt_firmware

siemens scalance_xf204irt_firmware

ICS Advisories

Siemens SCALANCE X Switch Devices

References

CWE-120https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdfhttps://nvd.nist.govhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-195-01
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook