CVE-2022-45140

EPSS 1.45%
Veröffentlicht 27.02.2023 15:15:11
Zuletzt bearbeitet 21.11.2024 07:28:50
Quelle info@cert.vde.com
Teams Watchlist Login
Unerledigt Login

The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wago ≫ 751-9301 Firmware Version >= 16 < 22

Wago ≫ 751-9301 Version-

Wago ≫ 751-9301 Firmware Version22 Update-

Wago ≫ 751-9301 Version-

Wago ≫ 751-9301 Firmware Version23

Wago ≫ 751-9301 Version-

Wago ≫ 752-8303/8000-002 Firmware Version >= 18 < 22

Wago ≫ 752-8303/8000-002 Version-

Wago ≫ 752-8303/8000-002 Firmware Version22 Update-

Wago ≫ 752-8303/8000-002 Version-

Wago ≫ 752-8303/8000-002 Firmware Version23

Wago ≫ 752-8303/8000-002 Version-

Wago ≫ Pfc100 Firmware Version >= 16 < 22

Wago ≫ Pfc100 Version-

Wago ≫ Pfc100 Firmware Version22 Update-

Wago ≫ Pfc100 Version-

Wago ≫ Pfc100 Firmware Version23

Wago ≫ Pfc100 Version-

Wago ≫ Pfc200 Firmware Version >= 16 < 22

Wago ≫ Pfc200 Version-

Wago ≫ Pfc200 Firmware Version22 Update-

Wago ≫ Pfc200 Version-

Wago ≫ Pfc200 Firmware Version23

Wago ≫ Pfc200 Version-

Wago ≫ Touch Panel 600 Advanced Firmware Version >= 16 < 22

Wago ≫ Touch Panel 600 Advanced Version-

Wago ≫ Touch Panel 600 Advanced Firmware Version22 Update-

Wago ≫ Touch Panel 600 Advanced Version-

Wago ≫ Touch Panel 600 Advanced Firmware Version23

Wago ≫ Touch Panel 600 Advanced Version-

Wago ≫ Touch Panel 600 Marine Firmware Version >= 16 < 22

Wago ≫ Touch Panel 600 Marine Version-

Wago ≫ Touch Panel 600 Marine Firmware Version22 Update-

Wago ≫ Touch Panel 600 Marine Version-

Wago ≫ Touch Panel 600 Marine Firmware Version23

Wago ≫ Touch Panel 600 Marine Version-

Wago ≫ Touch Panel 600 Standard Firmware Version >= 16 < 22

Wago ≫ Touch Panel 600 Standard Version-

Wago ≫ Touch Panel 600 Standard Firmware Version22 Update-

Wago ≫ Touch Panel 600 Standard Version-

Wago ≫ Touch Panel 600 Standard Firmware Version23

Wago ≫ Touch Panel 600 Standard Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.45%	0.789

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
info@cert.vde.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

https://cert.vde.com/en/advisories/VDE-2022-060/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-45140

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-45140

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-45140

EUVD