Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU74346
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2022-47522
CWE-ID:
CWE-311 - Missing Encryption of Sensitive Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to the way Wi-Fi devices manage transmit queues. A remote attacker can force the device to send traffic unencrypted by manipulating the transmit queues.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSCALANCE WUM766-1 (US): All versions
SCALANCE WUM766-1 (EU): All versions
SCALANCE WUM763-1): All versions
SCALANCE WAM766-1 EEC (US): All versions
SCALANCE WAM766-1 EEC (EU): All versions
SCALANCE WAM766-1 (US): All versions
SCALANCE WAM766-1 (EU): All versions
SCALANCE W778-1 M12 EEC (USA): All versions
SCALANCE W774-1 RJ45 (USA): All versions
SCALANCE W734-1 RJ45 (USA): All versions
SCALANCE W1748-1 M12: All versions
SCALANCE W788-2 RJ45: All versions
SCALANCE W788-2 M12 EEC: All versions
SCALANCE W788-2 M12: All versions
SCALANCE W788-1 RJ45: All versions
SCALANCE W788-1 M12: All versions
SCALANCE W786-2IA RJ45: All versions
SCALANCE W786-2 SFP: All versions
SCALANCE W786-2 RJ45: All versions
SCALANCE W786-1 RJ45: All versions
SCALANCE W778-1 M12 EEC: All versions
SCALANCE W778-1 M12: All versions
SCALANCE W774-1 RJ45: All versions
SCALANCE W774-1 M12 EEC: All versions
SCALANCE W761-1 RJ45: All versions
SCALANCE W748-1 RJ45: All versions
SCALANCE W748-1 M12: All versions
SCALANCE W738-1 M12: All versions
SCALANCE W734-1 RJ45: All versions
SCALANCE W722-1 RJ45: All versions
SCALANCE W721-1 RJ45: All versions
SCALANCE WUM763-1: All versions
SCALANCE WAM763-1: All versions
SCALANCE W1788-2IA M12: All versions
SCALANCE W1788-2 M12: All versions
SCALANCE W1788-2 EEC M12: All versions
SCALANCE W1788-1 M12: All versions
External linkshttp://cert-portal.siemens.com/productcert/txt/ssa-457702.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.