CVE-2022-25752

CWE-3303 documents3 sources
Severity
9.8CRITICAL
EPSS
3.1%
top 13.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
49
Siemens Scalance X302-7eec FirmwareSiemens Scalance X304-2fe FirmwareSiemens Scalance X306-1ldfe Firmware+46 more
Timeline
PublishedApr 12
Latest updateApr 13

Description

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V),

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages49 packages

CVEListV5siemens/scalance_x307-2_eec_(230v)All versions < V4.1.4
CVEListV5siemens/scalance_x307-2_eec_(2x_230v)All versions < V4.1.4

Patches

Patch: cert-portal.siemens.comPatch: cert-portal.siemens.com

🔴Vulnerability Details

2
GHSA
GHSA-98j4-62cf-q97h: A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC2022-04-13
CVEList
CVE-2022-25752: A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC2022-04-12