CVE-2022-29873

EPSS 2.69%
Published 20.05.2022 13:15:15
Last modified 21.11.2024 06:59:52
Source productcert@siemens.com
Teams watchlist Login
Open Login

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Siemens ≫ 7kg8500-0aa00-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa00-0aa0 Version-

Siemens ≫ 7kg8500-0aa00-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa00-2aa0 Version-

Siemens ≫ 7kg8500-0aa10-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa10-0aa0 Version-

Siemens ≫ 7kg8500-0aa10-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa10-2aa0 Version-

Siemens ≫ 7kg8500-0aa30-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa30-0aa0 Version-

Siemens ≫ 7kg8500-0aa30-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa30-2aa0 Version-

Siemens ≫ 7kg8501-0aa01-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa01-0aa0 Version-

Siemens ≫ 7kg8501-0aa01-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa01-2aa0 Version-

Siemens ≫ 7kg8501-0aa02-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa02-0aa0 Version-

Siemens ≫ 7kg8501-0aa02-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa02-2aa0 Version-

Siemens ≫ 7kg8501-0aa11-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa11-0aa0 Version-

Siemens ≫ 7kg8501-0aa11-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa11-2aa0 Version-

Siemens ≫ 7kg8501-0aa12-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa12-0aa0 Version-

Siemens ≫ 7kg8501-0aa12-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa12-2aa0 Version-

Siemens ≫ 7kg8501-0aa31-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa31-0aa0 Version-

Siemens ≫ 7kg8501-0aa31-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa31-2aa0 Version-

Siemens ≫ 7kg8501-0aa32-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa32-0aa0 Version-

Siemens ≫ 7kg8501-0aa32-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa32-2aa0 Version-

Siemens ≫ 7kg8550-0aa00-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa00-0aa0 Version-

Siemens ≫ 7kg8550-0aa00-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa00-2aa0 Version-

Siemens ≫ 7kg8550-0aa10-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa10-0aa0 Version-

Siemens ≫ 7kg8550-0aa10-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa10-2aa0 Version-

Siemens ≫ 7kg8550-0aa30-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa30-0aa0 Version-

Siemens ≫ 7kg8550-0aa30-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa30-2aa0 Version-

Siemens ≫ 7kg8551-0aa01-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa01-0aa0 Version-

Siemens ≫ 7kg8551-0aa01-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa01-2aa0 Version-

Siemens ≫ 7kg8551-0aa02-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa02-0aa0 Version-

Siemens ≫ 7kg8551-0aa02-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa02-2aa0 Version-

Siemens ≫ 7kg8551-0aa11-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa11-0aa0 Version-

Siemens ≫ 7kg8551-0aa11-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa11-2aa0 Version-

Siemens ≫ 7kg8551-0aa12-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa12-0aa0 Version-

Siemens ≫ 7kg8551-0aa12-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa12-2aa0 Version-

Siemens ≫ 7kg8551-0aa31-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa31-0aa0 Version-

Siemens ≫ 7kg8551-0aa31-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa31-2aa0 Version-

Siemens ≫ 7kg8551-0aa32-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa32-0aa0 Version-

Siemens ≫ 7kg8551-0aa32-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa32-2aa0 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.69%	0.853

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-141 Improper Neutralization of Parameter/Argument Delimiters

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component.

https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-29873

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-29873

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-29873

EUVD