Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU70423
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46142
CWE-ID:
CWE-257 - Storing Passwords in a Recoverable Format
Exploit availability: No
Description
The vulnerability allows a local attacker to decrypt passwords.
The vulnerability exists because the affected device stores the CLI user passwords encrypted in flash memory. An attacker with physical access can retrieve the file and decrypt the CLI user passwords.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
RUGGEDCOM RM1224 LTE(4G) EU: All versions
RUGGEDCOM RM1224 LTE(4G) NAM: All versions
SCALANCE M804PB: All versions
SCALANCE M812-1 ADSL-Router (Annex A): All versions
SCALANCE M812-1 ADSL-Router (Annex B): All versions
SCALANCE M816-1 ADSL-Router (Annex A): All versions
SCALANCE M816-1 ADSL-Router (Annex B): All versions
SCALANCE M826-2 SHDSL-Router: All versions
SCALANCE M874-2: All versions
SCALANCE M874-3: All versions
SCALANCE M876-3: All versions
SCALANCE M876-3 (ROK): All versions
SCALANCE M876-4: All versions
SCALANCE M876-4 (EU): All versions
SCALANCE M876-4 (NAM): All versions
SCALANCE MUM853-1 (EU): All versions
SCALANCE MUM856-1 (EU): All versions
SCALANCE MUM856-1 (RoW): All versions
SCALANCE S615: All versions
SCALANCE S615 EEC: All versions
SCALANCE W721-1 RJ45: All versions
SCALANCE W722-1 RJ45: All versions
SCALANCE W734-1 RJ45: All versions
SCALANCE W734-1 RJ45 (USA): All versions
SCALANCE W738-1 M12: All versions
SCALANCE W748-1 M12: All versions
SCALANCE W748-1 RJ45: All versions
SCALANCE W761-1 RJ45: All versions
SCALANCE W774-1 M12 EEC: All versions
SCALANCE W774-1 RJ45: All versions
SCALANCE W774-1 RJ45 (USA): All versions
SCALANCE W778-1 M12: All versions
SCALANCE W778-1 M12 EEC: All versions
SCALANCE W778-1 M12 EEC (USA): All versions
SCALANCE W786-1 RJ45: All versions
SCALANCE W786-2 RJ45: All versions
SCALANCE W786-2 SFP: All versions
SCALANCE W786-2IA RJ45: All versions
SCALANCE W788-1 M12: All versions
SCALANCE W788-1 RJ45: All versions
SCALANCE W788-2 M12: All versions
SCALANCE W788-2 M12 EEC: All versions
SCALANCE W788-2 RJ45: All versions
SCALANCE W788-2 RJ45): All versions
SCALANCE W1748-1 M12: All versions
SCALANCE W1788-1 M12: All versions
SCALANCE W1788-2 EEC M12: All versions
SCALANCE W1788-2 M12: All versions
SCALANCE W1788-2IA M12: All versions
SCALANCE WAM763-1: All versions
SCALANCE WAM766-1: All versions
SCALANCE WAM766-1 6GHz: All versions
SCALANCE WAM766-1 EEC: All versions
SCALANCE WAM766-1 EEC 6GHz: All versions
SCALANCE WUM763-1: All versions
SCALANCE WUM766-1: All versions
SCALANCE WUM766-1 6GHz: All versions
SCALANCE XB205-3 (SC, PN): All versions
SCALANCE XB205-3 (ST, E/IP): All versions
SCALANCE XB205-3LD (SC: All versions
SCALANCE XB208 (E/IP): All versions
SCALANCE XB208 (PN): All versions
SCALANCE XB213-3 (SC: All versions
SCALANCE XB213-3 (ST: All versions
SCALANCE XB213-3LD (SC: All versions
SCALANCE XB216 (E/IP): All versions
SCALANCE XB216 (PN): All versions
SCALANCE XC206-2 (SC): All versions
SCALANCE XC206-2 (ST/BFOC): All versions
SCALANCE XC206-2G PoE: All versions
SCALANCE XC206-2G PoE EEC (54 V DC): All versions
SCALANCE XC206-2SFP: All versions
SCALANCE XC206-2SFP EEC: All versions
SCALANCE XC206-2SFP G: All versions
SCALANCE XC206-2SFP G (EIP DEF.): All versions
SCALANCE XC206-2SFP G EEC: All versions
SCALANCE XC208: All versions
SCALANCE XC208EEC: All versions
SCALANCE XC208G: All versions
SCALANCE XC208G (EIP def.): All versions
SCALANCE XC208G EEC: All versions
SCALANCE XC208G PoE: All versions
SCALANCE XC208G PoE (54 V DC): All versions
SCALANCE XC21: All versions
SCALANCE XC216-3G PoE: All versions
SCALANCE XC216-3G PoE (54 V DC): All versions
SCALANCE XC216-4C: All versions
SCALANCE XC216-4C G: All versions
SCALANCE XC216-4C G (EIP Def.): All versions
SCALANCE XC216-4C G EEC: All versions
SCALANCE XC216EEC: All versions
SCALANCE XC224: All versions
SCALANCE XC224-4C G: All versions
SCALANCE XC224-4C G (EIP Def.): All versions
SCALANCE XC224-4C G EEC: All versions
SCALANCE XF204: All versions
SCALANCE XF204 DNA: All versions
SCALANCE XF204-2BA: All versions
SCALANCE XF204-2BA DNA: All versions
SCALANCE XM408-4C: All versions
SCALANCE XM408-4C (L3 int.): All versions
SCALANCE XM408-8C: All versions
SCALANCE XM408-8C (L3 int.): All versions
SCALANCE XM416-4C: All versions
SCALANCE XM416-4C (L3 int.): All versions
SCALANCE XP208: All versions
SCALANCE XP208 (Ethernet/IP): All versions
SCALANCE XP208EEC: All versions
SCALANCE XP208PoE EEC: All versions
SCALANCE XP216: All versions
SCALANCE XP216 (Ethernet/IP): All versions
SCALANCE XP216EEC: All versions
SCALANCE XP216POE EEC: All versions
SCALANCE XR324WG: All versions
SCALANCE XR326-2C PoE WG: All versions
SCALANCE XR328-4C WG: All versions
SCALANCE XR524-8C 1x230V: All versions
SCALANCE XR524-8C 1x230V (L3 int.): All versions
SCALANCE XR524-8C 2x230V: All versions
SCALANCE XR524-8C 2x230V (L3 int.): All versions
SCALANCE XR524-8C 24V: All versions
SCALANCE XR524-8C 24V (L3 int.): All versions
SCALANCE XR526-8C 1x230V: All versions
SCALANCE XR526-8C 1x230V (L3 int.): All versions
SCALANCE XR526-8C 2x230V: All versions
SCALANCE XR526-8C 2x230V (L3 int.): All versions
SCALANCE XR526-8C 24V: All versions
SCALANCE XR526-8C 24V (L3 int.): All versions
SCALANCE XR528-6M: All versions
SCALANCE XR528-6M (2HR2): All versions
SCALANCE XR528-6M (2HR2, L3 int.): All versions
SCALANCE XR528-6M (L3 int.): All versions
SCALANCE XR552-12M: All versions
SCALANCE XR552-12M (2HR2: All versions
SIPLUS NET SCALANCE XC206-2: All versions
SIPLUS NET SCALANCE XC206-2SFP: All versions
SIPLUS NET SCALANCE XC208: All versions
SIPLUS NET SCALANCE XC216-4C: All versions
SCALANCE SC622-2C: before 3.0
SCALANCE SC626-2C: before 3.0
SCALANCE SC632-2C: before 3.0
SCALANCE SC636-2C: before 3.0
SCALANCE SC642-2C: before 3.0
SCALANCE SC646-2C: before 3.0
External links
http://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU70424
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46143
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote user to gain access to sensitive information on the system.
The vulnerability exists because the affected device does not check the TFTP blocksize correctly. A remote administrator can read from an uninitialized buffer that potentially contains previously allocated data.
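An added illustration, not Siemens firmware code (the bulletin does not describe the firmware's internals), of the checks this class of bug calls for: validate the client's `blksize` option against the RFC 2348 range and the server's own buffer, and transmit only the bytes actually filled. `SERVER_BUF_CAP` and both function names are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

#define TFTP_BLKSIZE_DEFAULT 512    /* RFC 1350 block size when no option is sent */
#define TFTP_BLKSIZE_MIN     8      /* RFC 2348 lower bound */
#define TFTP_BLKSIZE_MAX     65464  /* RFC 2348 upper bound */
#define SERVER_BUF_CAP       1428   /* assumed size of the server's DATA buffer */

/* Walk the NUL-terminated name/value pairs that follow "filename\0mode\0" in a
 * request. Returns the block size to use, clamped to SERVER_BUF_CAP, the default
 * if the option is absent, or -1 if the option area is malformed or out of range. */
int negotiate_blksize(const unsigned char *opts, size_t len)
{
    size_t i = 0;
    while (i < len) {
        const unsigned char *name = opts + i;
        const unsigned char *nend = memchr(name, 0, len - i);
        if (!nend) return -1;                      /* unterminated option name */
        size_t voff = (size_t)(nend - opts) + 1;
        if (voff >= len) return -1;                /* name without a value */
        const unsigned char *val = opts + voff;
        const unsigned char *vend = memchr(val, 0, len - voff);
        if (!vend) return -1;                      /* unterminated value */
        if (strcasecmp((const char *)name, "blksize") == 0) {
            if (vend == val || vend - val > 5) return -1;
            long n = 0;
            for (const unsigned char *p = val; p < vend; p++) {
                if (*p < '0' || *p > '9') return -1;   /* digits only */
                n = n * 10 + (*p - '0');
            }
            if (n < TFTP_BLKSIZE_MIN || n > TFTP_BLKSIZE_MAX) return -1;
            return n > SERVER_BUF_CAP ? SERVER_BUF_CAP : (int)n;
        }
        i = (size_t)(vend - opts) + 1;             /* skip to the next pair */
    }
    return TFTP_BLKSIZE_DEFAULT;
}

/* Fill one DATA payload. Returns the number of valid bytes (0 for an empty final
 * block or rejected arguments); the caller sends exactly that many bytes. */
size_t fill_data_block(unsigned char *out, size_t out_cap, int blksize,
                       const unsigned char *file, size_t file_len, size_t offset)
{
    if (blksize <= 0 || (size_t)blksize > out_cap || offset > file_len) return 0;
    size_t n = file_len - offset;
    if (n > (size_t)blksize) n = (size_t)blksize;
    memset(out, 0, out_cap);        /* no previously allocated data is left behind */
    memcpy(out, file + offset, n);
    return n;
}
```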
Mitigation
Install updates from vendor's website.
Vulnerable software versions
RUGGEDCOM RM1224 LTE(4G) EU: All versions
RUGGEDCOM RM1224 LTE(4G) NAM: All versions
SCALANCE M804PB: All versions
SCALANCE M812-1 ADSL-Router (Annex A): All versions
SCALANCE M812-1 ADSL-Router (Annex B): All versions
SCALANCE M816-1 ADSL-Router (Annex A): All versions
SCALANCE M816-1 ADSL-Router (Annex B): All versions
SCALANCE M826-2 SHDSL-Router: All versions
SCALANCE M874-2: All versions
SCALANCE M874-3: All versions
SCALANCE M876-3: All versions
SCALANCE M876-3 (ROK): All versions
SCALANCE M876-4: All versions
SCALANCE M876-4 (EU): All versions
SCALANCE M876-4 (NAM): All versions
SCALANCE MUM853-1 (EU): All versions
SCALANCE MUM856-1 (EU): All versions
SCALANCE MUM856-1 (RoW): All versions
SCALANCE S615: All versions
SCALANCE S615 EEC: All versions
SCALANCE W721-1 RJ45: All versions
SCALANCE W722-1 RJ45: All versions
SCALANCE W734-1 RJ45: All versions
SCALANCE W734-1 RJ45 (USA): All versions
SCALANCE W738-1 M12: All versions
SCALANCE W748-1 M12: All versions
SCALANCE W748-1 RJ45: All versions
SCALANCE W761-1 RJ45: All versions
SCALANCE W774-1 M12 EEC: All versions
SCALANCE W774-1 RJ45: All versions
SCALANCE W774-1 RJ45 (USA): All versions
SCALANCE W778-1 M12: All versions
SCALANCE W778-1 M12 EEC: All versions
SCALANCE W778-1 M12 EEC (USA): All versions
SCALANCE W786-1 RJ45: All versions
SCALANCE W786-2 RJ45: All versions
SCALANCE W786-2 SFP: All versions
SCALANCE W786-2IA RJ45: All versions
SCALANCE W788-1 M12: All versions
SCALANCE W788-1 RJ45: All versions
SCALANCE W788-2 M12: All versions
SCALANCE W788-2 M12 EEC: All versions
SCALANCE W788-2 RJ45: All versions
SCALANCE W788-2 RJ45): All versions
SCALANCE W1748-1 M12: All versions
SCALANCE W1788-1 M12: All versions
SCALANCE W1788-2 EEC M12: All versions
SCALANCE W1788-2 M12: All versions
SCALANCE W1788-2IA M12: All versions
SCALANCE WAM763-1: All versions
SCALANCE WAM766-1: All versions
SCALANCE WAM766-1 6GHz: All versions
SCALANCE WAM766-1 EEC: All versions
SCALANCE WAM766-1 EEC 6GHz: All versions
SCALANCE WUM763-1: All versions
SCALANCE WUM766-1: All versions
SCALANCE WUM766-1 6GHz: All versions
SCALANCE XB205-3 (SC, PN): All versions
SCALANCE XB205-3 (ST, E/IP): All versions
SCALANCE XB205-3LD (SC: All versions
SCALANCE XB208 (E/IP): All versions
SCALANCE XB208 (PN): All versions
SCALANCE XB213-3 (SC: All versions
SCALANCE XB213-3 (ST: All versions
SCALANCE XB213-3LD (SC: All versions
SCALANCE XB216 (E/IP): All versions
SCALANCE XB216 (PN): All versions
SCALANCE XC206-2 (SC): All versions
SCALANCE XC206-2 (ST/BFOC): All versions
SCALANCE XC206-2G PoE: All versions
SCALANCE XC206-2G PoE EEC (54 V DC): All versions
SCALANCE XC206-2SFP: All versions
SCALANCE XC206-2SFP EEC: All versions
SCALANCE XC206-2SFP G: All versions
SCALANCE XC206-2SFP G (EIP DEF.): All versions
SCALANCE XC206-2SFP G EEC: All versions
SCALANCE XC208: All versions
SCALANCE XC208EEC: All versions
SCALANCE XC208G: All versions
SCALANCE XC208G (EIP def.): All versions
SCALANCE XC208G EEC: All versions
SCALANCE XC208G PoE: All versions
SCALANCE XC208G PoE (54 V DC): All versions
SCALANCE XC21: All versions
SCALANCE XC216-3G PoE: All versions
SCALANCE XC216-3G PoE (54 V DC): All versions
SCALANCE XC216-4C: All versions
SCALANCE XC216-4C G: All versions
SCALANCE XC216-4C G (EIP Def.): All versions
SCALANCE XC216-4C G EEC: All versions
SCALANCE XC216EEC: All versions
SCALANCE XC224: All versions
SCALANCE XC224-4C G: All versions
SCALANCE XC224-4C G (EIP Def.): All versions
SCALANCE XC224-4C G EEC: All versions
SCALANCE XF204: All versions
SCALANCE XF204 DNA: All versions
SCALANCE XF204-2BA: All versions
SCALANCE XF204-2BA DNA: All versions
SCALANCE XM408-4C: All versions
SCALANCE XM408-4C (L3 int.): All versions
SCALANCE XM408-8C: All versions
SCALANCE XM408-8C (L3 int.): All versions
SCALANCE XM416-4C: All versions
SCALANCE XM416-4C (L3 int.): All versions
SCALANCE XP208: All versions
SCALANCE XP208 (Ethernet/IP): All versions
SCALANCE XP208EEC: All versions
SCALANCE XP208PoE EEC: All versions
SCALANCE XP216: All versions
SCALANCE XP216 (Ethernet/IP): All versions
SCALANCE XP216EEC: All versions
SCALANCE XP216POE EEC: All versions
SCALANCE XR324WG: All versions
SCALANCE XR326-2C PoE WG: All versions
SCALANCE XR328-4C WG: All versions
SCALANCE XR524-8C 1x230V: All versions
SCALANCE XR524-8C 1x230V (L3 int.): All versions
SCALANCE XR524-8C 2x230V: All versions
SCALANCE XR524-8C 2x230V (L3 int.): All versions
SCALANCE XR524-8C 24V: All versions
SCALANCE XR524-8C 24V (L3 int.): All versions
SCALANCE XR526-8C 1x230V: All versions
SCALANCE XR526-8C 1x230V (L3 int.): All versions
SCALANCE XR526-8C 2x230V: All versions
SCALANCE XR526-8C 2x230V (L3 int.): All versions
SCALANCE XR526-8C 24V: All versions
SCALANCE XR526-8C 24V (L3 int.): All versions
SCALANCE XR528-6M: All versions
SCALANCE XR528-6M (2HR2): All versions
SCALANCE XR528-6M (2HR2, L3 int.): All versions
SCALANCE XR528-6M (L3 int.): All versions
SCALANCE XR552-12M: All versions
SCALANCE XR552-12M (2HR2: All versions
SIPLUS NET SCALANCE XC206-2: All versions
SIPLUS NET SCALANCE XC206-2SFP: All versions
SIPLUS NET SCALANCE XC208: All versions
SIPLUS NET SCALANCE XC216-4C: All versions
SCALANCE SC622-2C: before 3.0
SCALANCE SC626-2C: before 3.0
SCALANCE SC632-2C: before 3.0
SCALANCE SC636-2C: before 3.0
SCALANCE SC642-2C: before 3.0
SCALANCE SC646-2C: before 3.0
External links
http://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU70421
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46144
CWE-ID:
CWE-664 - Improper control of a resource through its lifetime
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists because the affected device does not properly process CLI commands after a user forcefully quits the SSH connection. A remote user can cause a denial of service condition on the target system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
SCALANCE SC622-2C: before 3.0
SCALANCE SC626-2C: before 3.0
SCALANCE SC632-2C: before 3.0
SCALANCE SC636-2C: before 3.0
SCALANCE SC642-2C: before 3.0
SCALANCE SC646-2C: before 3.0
External links
http://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.