A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.
This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
History
07 Nov 2023, 03:47
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources. |
14 Mar 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources. |
10 Jan 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources. |
14 Oct 2022, 17:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_mum853-1:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_wam763-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_mum853-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:ecc:* cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_wum763-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_wum766-1_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:ecc:* cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:* |
|
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf - Vendor Advisory | |
First Time |
Siemens scalance S615 Firmware
Siemens scalance Mum853-1 Firmware Siemens scalance Wam766-1 Siemens ruggedcom Rm1224 Firmware Siemens scalance M874-3 Firmware Siemens scalance M816-1 Siemens scalance M874-2 Firmware Siemens scalance M874-3 Siemens scalance S615 Siemens scalance Wam763-1 Siemens scalance M874-2 Siemens scalance Wum763-1 Siemens ruggedcom Rm1224 Siemens scalance Wam766-1 Firmware Siemens scalance M812-1 Firmware Siemens scalance Wum763-1 Firmware Siemens scalance Mum856-1 Firmware Siemens scalance Wum766-1 Firmware Siemens scalance M876-3 Siemens Siemens scalance M876-3 Firmware Siemens scalance Wum766-1 Siemens scalance M876-4 Siemens scalance M816-1 Firmware Siemens scalance M812-1 Siemens scalance M826-2 Firmware Siemens scalance M826-2 Siemens scalance Mum853-1 Siemens scalance Wam763-1 Firmware Siemens scalance M804pb Siemens scalance M804pb Firmware Siemens scalance Mum856-1 Siemens scalance M876-4 Firmware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.6 |
11 Oct 2022, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-11 11:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-31766
Mitre link : CVE-2022-31766
CVE.ORG link : CVE-2022-31766
JSON object : View
Products Affected
siemens
- scalance_wum763-1_firmware
- scalance_m816-1
- scalance_m874-2_firmware
- scalance_wam766-1
- scalance_m876-3
- scalance_wam766-1_firmware
- scalance_m816-1_firmware
- ruggedcom_rm1224
- scalance_wam763-1
- scalance_wam763-1_firmware
- scalance_mum853-1
- scalance_m826-2
- scalance_wum763-1
- scalance_m876-3_firmware
- scalance_s615
- scalance_m804pb_firmware
- scalance_mum853-1_firmware
- scalance_m876-4_firmware
- scalance_s615_firmware
- scalance_mum856-1
- scalance_m812-1_firmware
- scalance_m826-2_firmware
- scalance_m876-4
- scalance_wum766-1_firmware
- scalance_m874-3
- scalance_m812-1
- scalance_wum766-1
- scalance_m804pb
- scalance_m874-2
- scalance_mum856-1_firmware
- scalance_m874-3_firmware
- ruggedcom_rm1224_firmware
CWE
CWE-20
Improper Input Validation