6.8
CVE-2022-38773
- EPSS 0.12%
- Veröffentlicht 10.01.2023 12:15:23
- Zuletzt bearbeitet 21.11.2024 07:17:03
- Quelle productcert@siemens.com
- Teams Watchlist Login
- Unerledigt Login
Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Simatic S7-1500 Cpu 1510sp-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1511-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1511c-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1511f-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1511t-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1511tf-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1512c-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1512sp-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1513-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1513f-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1513r-1 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1515-2 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1515f-2 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1515r-2 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1515t-2 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1515tf-2 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1516-3 Pn/dp Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1517-3 Pn/dp Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1517h-3 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1518-4 Pn/dp Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1518hf-4 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1513pro-2 Pn Firmware Version-
Siemens ≫ Simatic S7-1500 Cpu 1516pro-2 Pn Firmware Version-
Siemens ≫ Siplus Et 200sp Cpu 1510sp-1 Pn Firmware Version-
Siemens ≫ Siplus Et 200sp Cpu 1512sp-1 Pn Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1511-1 Pn Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1511f-1 Pn Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1513-1 Pn Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1513f-1 Pn Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1515f-2 Pn Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1515r-2 Pn Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1516-3 Pn/dp Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1516f-3 Pn/dp Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1517h-3 Pn Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1518-4 Pn/dp Firmware Version-
Siemens ≫ Siplus S7-1500 Cpu 1518f-4 Pn/dp Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.324 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| productcert@siemens.com | 4.6 | 0.9 | 3.6 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
CWE-1326 Missing Immutable Root of Trust in Hardware
A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code.