CVE-2022-41665

EPSS 0.64%
Veröffentlicht 11.10.2022 11:15:11
Zuletzt bearbeitet 09.12.2025 16:17:16
Quelle productcert@siemens.com
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.10), SICAM T (All versions < V3.0). Affected devices do not properly validate the parameter of a specific GET request. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Siemens ≫ 7kg8500-0aa00-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8500-0aa00-0aa0 Version-

Siemens ≫ 7kg8500-0aa00-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8500-0aa00-2aa0 Version-

Siemens ≫ 7kg8500-0aa10-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8500-0aa10-0aa0 Version-

Siemens ≫ 7kg8500-0aa10-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8500-0aa10-2aa0 Version-

Siemens ≫ 7kg8500-0aa30-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8500-0aa30-0aa0 Version-

Siemens ≫ 7kg8500-0aa30-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8500-0aa30-2aa0 Version-

Siemens ≫ 7kg8501-0aa01-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa01-0aa0 Version-

Siemens ≫ 7kg8501-0aa01-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa01-2aa0 Version-

Siemens ≫ 7kg8501-0aa02-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa02-0aa0 Version-

Siemens ≫ 7kg8501-0aa02-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa02-2aa0 Version-

Siemens ≫ 7kg8501-0aa11-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa11-0aa0 Version-

Siemens ≫ 7kg8501-0aa11-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa11-2aa0 Version-

Siemens ≫ 7kg8501-0aa12-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa12-0aa0 Version-

Siemens ≫ 7kg8501-0aa12-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa12-2aa0 Version-

Siemens ≫ 7kg8501-0aa31-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa31-0aa0 Version-

Siemens ≫ 7kg8501-0aa31-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa31-2aa0 Version-

Siemens ≫ 7kg8501-0aa32-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa32-0aa0 Version-

Siemens ≫ 7kg8501-0aa32-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8501-0aa32-2aa0 Version-

Siemens ≫ 7kg8550-0aa00-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8550-0aa00-0aa0 Version-

Siemens ≫ 7kg8550-0aa00-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8550-0aa00-2aa0 Version-

Siemens ≫ 7kg8550-0aa10-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8550-0aa10-0aa0 Version-

Siemens ≫ 7kg8550-0aa10-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8550-0aa10-2aa0 Version-

Siemens ≫ 7kg8550-0aa30-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8550-0aa30-0aa0 Version-

Siemens ≫ 7kg8550-0aa30-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8550-0aa30-2aa0 Version-

Siemens ≫ 7kg8551-0aa01-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa01-0aa0 Version-

Siemens ≫ 7kg8551-0aa01-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa01-2aa0 Version-

Siemens ≫ 7kg8551-0aa02-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa02-0aa0 Version-

Siemens ≫ 7kg8551-0aa02-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa02-2aa0 Version-

Siemens ≫ 7kg8551-0aa11-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa11-0aa0 Version-

Siemens ≫ 7kg8551-0aa11-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa11-2aa0 Version-

Siemens ≫ 7kg8551-0aa12-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa12-0aa0 Version-

Siemens ≫ 7kg8551-0aa12-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa12-2aa0 Version-

Siemens ≫ 7kg8551-0aa31-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa31-0aa0 Version-

Siemens ≫ 7kg8551-0aa31-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa31-2aa0 Version-

Siemens ≫ 7kg8551-0aa32-0aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa32-0aa0 Version-

Siemens ≫ 7kg8551-0aa32-2aa0 Firmware Version < 3.10

Siemens ≫ 7kg8551-0aa32-2aa0 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.64%	0.697

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
productcert@siemens.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-141 Improper Neutralization of Parameter/Argument Delimiters

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component.

https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf

Patch

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-471761.html

https://cert-portal.siemens.com/productcert/html/ssa-572005.html

https://nvd.nist.gov/vuln/detail/CVE-2022-41665

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-41665

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-41665

EUVD