Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.1
CVSSv3

CVE-2022-36323

Published: 10/08/2022 Updated: 27/06/2023
CVSS v3 Base Score: 9.1 | Impact Score: 6 | Exploitability Score: 2.3
VMScore: 0
Subscribe to Scalance M-800 Firmware

Vulnerability Summary

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens scalance_m-800_firmware

siemens scalance_s615_firmware

siemens scalance_sc-600_firmware

siemens scalance_sc622-2c_firmware

siemens scalance_sc632-2c_firmware

siemens scalance_sc636-2c_firmware

siemens scalance_sc642-2c_firmware

siemens scalance_sc646-2c_firmware

siemens scalance_w700_ieee_802.11ax_firmware

siemens scalance_w700_ieee_802.11n_firmware

siemens scalance_w700_ieee_802.11ac_firmware

siemens scalance_xb-200_firmware

siemens scalance_xb205-3_firmware

siemens scalance_xb205-3ld_firmware

siemens scalance_xb208_firmware

siemens scalance_xb213-3_firmware

siemens scalance_xb213-3ld_firmware

siemens scalance_xb216_firmware

siemens scalance_xc-200_firmware

siemens scalance_xc206-2_firmware

siemens scalance_xc206-2g_poe__firmware

siemens scalance_xc206-2g_poe_eec_firmware

siemens scalance_xc206-2sfp_eec_firmware

siemens scalance_xc206-2sfp_g_firmware

siemens scalance_xc206-2sfp_g_\\(e\\/ip\\)_firmware

siemens scalance_xc206-2sfp_g_eec_firmware

siemens scalance_xc208_firmware

siemens scalance_xc208eec_firmware

siemens scalance_xc208g_firmware

siemens scalance_xc208g_\\(e\\/ip\\)_firmware

siemens scalance_xc208g_eec_firmware

siemens scalance_xc208g_poe_firmware

siemens scalance_xc216_firmware

siemens scalance_xc216-4c_firmware

siemens scalance_xc216-4c_g_firmware

siemens scalance_xc216-4c_g_\\(e\\/ip\\)_firmware

siemens scalance_xc216-4c_g_eec_firmware

siemens scalance_xc216eec_firmware

siemens scalance_xc224__firmware

siemens scalance_xc224-4c_g__firmware

siemens scalance_xc224-4c_g_\\(e\\/ip\\)_firmware

siemens scalance_xc224-4c_g_eec_firmware

siemens scalance_xf-200ba_firmware

siemens scalance_xf204-2ba_dna_firmware

siemens scalance_xf204-2ba_irt_firmware

siemens scalance_xm400_firmware

siemens scalance_xm408-4c_firmware

siemens scalance_xm408-4c_l3_firmware

siemens scalance_xm408-8c_firmware

siemens scalance_xm408-8c_l3_firmware

siemens scalance_xm416-4c_firmware

siemens scalance_xm416-4c_l3_firmware

siemens scalance_xp-200_firmware

siemens scalance_xp208_firmware

siemens scalance_xp208_\\(eip\\)_firmware

siemens scalance_xp208eec_firmware

siemens scalance_xp208poe_eec_firmware

siemens scalance_xp216_firmware

siemens scalance_xp216_\\(eip\\)_firmware

siemens scalance_xp216eec_firmware

siemens scalance_xp216poe_eec_firmware

siemens scalance_xr-300_firmware

siemens scalance_xr-300eec_firmware

siemens scalance_xr-300poe_firmware

siemens scalance_xr-300wg_firmware

siemens scalance_xr324-12m_firmware

siemens scalance_xr324-12m_ts_firmware

siemens scalance_xr324-4m_eec_firmware

siemens scalance_xr324-4m_poe_firmware

siemens scalance_xr324-4m_poe_ts_firmware

siemens scalance_xr324wg_firmware

siemens scalance_xr326-2c_poe_wg_firmware

siemens scalance_xr328-4c_wg_firmware

siemens scalance_xr500_firmware

siemens scalance_xr524_firmware

siemens scalance_xr524-8c_firmware

siemens scalance_xr524-8c_l3_firmware

siemens scalance_xr526_firmware

siemens scalance_xr526-8c_firmware

siemens scalance_xr526-8c_l3_firmware

siemens scalance_xr528_firmware

siemens scalance_xr528-6m_firmware

siemens scalance_xr528-6m_2hr2_firmware

siemens scalance_xr528-6m_2hr2_l3_firmware

siemens scalance_xr528-6m_l3_firmware

siemens scalance_xr552_firmware

siemens scalance_xr552-12_firmware

siemens scalance_xr552-12m_firmware

siemens scalance_xr552-12m_2hr2_firmware

siemens scalance_xr552-12m_2hr2_l3_firmware

ICS Advisories

Siemens SCALANCE
https://ics-cert.us-cert.gov/advisories/f8b1c4be8617602ab67e06fbcf871c56
Critical Infrastructure Sectors: Critical Manufacturing
https://ics-cert.us-cert.gov/advisories/71cffbbb5782b9d4ff8663dd3e2f52c6
https://ics-cert.us-cert.gov/advisories/0520e0d3bcca7616a258c99b3e14685a
Critical Infrastructure Sectors: Critical Manufacturing

References

NVD-CWE-Otherhttps://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdfhttps://nvd.nist.govhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-223-07
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook