7.5

CVE-2022-40227

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions < V17 Update 5), SIMATIC HMI KTP400 Basic (All versions < V17 Update 5), SIMATIC HMI KTP700 Basic (All versions < V17 Update 5), SIMATIC HMI KTP900 Basic (All versions < V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP700 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP900 BASIC (All versions < V17 Update 5). Affected devices do not properly validate input sent to certain services over TCP. This could allow an unauthenticated remote attacker to cause a permanent denial of service condition (requiring a device reboot) by sending specially crafted TCP packets.

Data is provided by the National Vulnerability Database (NVD)
SiemensSimatic Hmi Comfort Panels Firmware Version17.0 Updateupdate1
SiemensSimatic Hmi Comfort Panels Firmware Version17.0 Updateupdate2
SiemensSimatic Hmi Comfort Panels Firmware Version17.0 Updateupdate3
SiemensSimatic Hmi Ktp400 Basic Firmware Version17.0 Update-
   SiemensSimatic Hmi Ktp400 Basic Version-
SiemensSimatic Hmi Ktp400 Basic Firmware Version17.0 Updateudpate1
   SiemensSimatic Hmi Ktp400 Basic Version-
SiemensSimatic Hmi Ktp400 Basic Firmware Version17.0 Updateupdate2
   SiemensSimatic Hmi Ktp400 Basic Version-
SiemensSimatic Hmi Ktp400 Basic Firmware Version17.0 Updateupdate3
   SiemensSimatic Hmi Ktp400 Basic Version-
SiemensSimatic Hmi Ktp400 Basic Firmware Version17.0 Updateupdate4
   SiemensSimatic Hmi Ktp400 Basic Version-
SiemensSimatic Hmi Ktp700 Basic Firmware Version17.0 Update-
   SiemensSimatic Hmi Ktp700 Basic Version-
SiemensSimatic Hmi Ktp700 Basic Firmware Version17.0 Updateudpate1
   SiemensSimatic Hmi Ktp700 Basic Version-
SiemensSimatic Hmi Ktp700 Basic Firmware Version17.0 Updateupdate2
   SiemensSimatic Hmi Ktp700 Basic Version-
SiemensSimatic Hmi Ktp700 Basic Firmware Version17.0 Updateupdate3
   SiemensSimatic Hmi Ktp700 Basic Version-
SiemensSimatic Hmi Ktp700 Basic Firmware Version17.0 Updateupdate4
   SiemensSimatic Hmi Ktp700 Basic Version-
SiemensSimatic Hmi Ktp900 Basic Firmware Version17.0 Update-
   SiemensSimatic Hmi Ktp900 Basic Version-
SiemensSimatic Hmi Ktp900 Basic Firmware Version17.0 Updateudpate1
   SiemensSimatic Hmi Ktp900 Basic Version-
SiemensSimatic Hmi Ktp900 Basic Firmware Version17.0 Updateupdate2
   SiemensSimatic Hmi Ktp900 Basic Version-
SiemensSimatic Hmi Ktp900 Basic Firmware Version17.0 Updateupdate3
   SiemensSimatic Hmi Ktp900 Basic Version-
SiemensSimatic Hmi Ktp900 Basic Firmware Version17.0 Updateupdate4
   SiemensSimatic Hmi Ktp900 Basic Version-
SiemensSimatic Hmi Ktp1200 Basic Firmware Version17.0 Updateudpate1
SiemensSimatic Hmi Ktp1200 Basic Firmware Version17.0 Updateupdate2
SiemensSimatic Hmi Ktp1200 Basic Firmware Version17.0 Updateupdate3
SiemensSimatic Hmi Ktp1200 Basic Firmware Version17.0 Updateupdate4
SiemensSimatic Hmi Ktp Mobile Panels Firmware Version17.0 Updateudpate1
SiemensSimatic Hmi Ktp Mobile Panels Firmware Version17.0 Updateupdate2
SiemensSimatic Hmi Ktp Mobile Panels Firmware Version17.0 Updateupdate3
SiemensSiplus Hmi Ktp400 Basic Firmware Version17.0 Update-
   SiemensSiplus Hmi Ktp400 Basic Version-
SiemensSiplus Hmi Ktp400 Basic Firmware Version17.0 Updateudpate1
   SiemensSiplus Hmi Ktp400 Basic Version-
SiemensSiplus Hmi Ktp400 Basic Firmware Version17.0 Updateupdate2
   SiemensSiplus Hmi Ktp400 Basic Version-
SiemensSiplus Hmi Ktp400 Basic Firmware Version17.0 Updateupdate3
   SiemensSiplus Hmi Ktp400 Basic Version-
SiemensSiplus Hmi Ktp400 Basic Firmware Version17.0 Updateupdate4
   SiemensSiplus Hmi Ktp400 Basic Version-
SiemensSiplus Hmi Ktp700 Basic Firmware Version17.0 Update-
   SiemensSiplus Hmi Ktp700 Basic Version-
SiemensSiplus Hmi Ktp700 Basic Firmware Version17.0 Updateudpate1
   SiemensSiplus Hmi Ktp700 Basic Version-
SiemensSiplus Hmi Ktp700 Basic Firmware Version17.0 Updateupdate2
   SiemensSiplus Hmi Ktp700 Basic Version-
SiemensSiplus Hmi Ktp700 Basic Firmware Version17.0 Updateupdate3
   SiemensSiplus Hmi Ktp700 Basic Version-
SiemensSiplus Hmi Ktp700 Basic Firmware Version17.0 Updateupdate4
   SiemensSiplus Hmi Ktp700 Basic Version-
SiemensSiplus Hmi Ktp900 Basic Firmware Version17.0 Update-
   SiemensSiplus Hmi Ktp900 Basic Version-
SiemensSiplus Hmi Ktp900 Basic Firmware Version17.0 Updateudpate1
   SiemensSiplus Hmi Ktp900 Basic Version-
SiemensSiplus Hmi Ktp900 Basic Firmware Version17.0 Updateupdate2
   SiemensSiplus Hmi Ktp900 Basic Version-
SiemensSiplus Hmi Ktp900 Basic Firmware Version17.0 Updateupdate3
   SiemensSiplus Hmi Ktp900 Basic Version-
SiemensSiplus Hmi Ktp900 Basic Firmware Version17.0 Updateupdate4
   SiemensSiplus Hmi Ktp900 Basic Version-
SiemensSiplus Hmi Ktp1200 Basic Firmware Version17.0 Update-
   SiemensSiplus Hmi Ktp1200 Basic Version-
SiemensSiplus Hmi Ktp1200 Basic Firmware Version17.0 Updateudpate1
   SiemensSiplus Hmi Ktp1200 Basic Version-
SiemensSiplus Hmi Ktp1200 Basic Firmware Version17.0 Updateupdate2
   SiemensSiplus Hmi Ktp1200 Basic Version-
SiemensSiplus Hmi Ktp1200 Basic Firmware Version17.0 Updateupdate3
   SiemensSiplus Hmi Ktp1200 Basic Version-
SiemensSiplus Hmi Ktp1200 Basic Firmware Version17.0 Updateupdate4
   SiemensSiplus Hmi Ktp1200 Basic Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.04% 0.113
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.