CVE-2022-26648

CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

7.5HIGH

EPSS

0.9%

top 24.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Scalance X204-2 Firmware Siemens Scalance X204-2fm Firmware Siemens Scalance X204-2ld Firmware +43 more

Timeline

PublishedJul 12

Latest updateJul 13

Description

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE…

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:HExploitability: 2.3 | Impact: 5.3

Affected Packages46 packages

▶CVEListV5siemens/scalance_x204irtAll versions < V5.5.2

▶CVEListV5siemens/scalance_x204irt_proAll versions < V5.5.2

▶CVEListV5siemens/scalance_x202-2irtAll versions < V5.5.2

▶NVDsiemens/scalance_x204-2_firmware< 5.2.6

▶NVDsiemens/scalance_x204-2fm_firmware< 5.2.6

Patches

Patch: cert-portal.siemens.com ↗Patch: cert-portal.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-jw3g-4ppj-h5fr: A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions),↗2022-07-13

▶

CVEList

CVE-2022-26648: A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5↗2022-07-12

▶