cbcvebase.
CVE-2022-29873
published 2022-05-20

CVE-2022-29873: A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET and POST requests…

critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device.

Affected

37 ranges· showing 25
VendorProductVersion rangeFixed in
siemens7kg8500-0aa00-0aa0_firmware< 3.003.00
siemens7kg8500-0aa00-2aa0_firmware< 3.003.00
siemens7kg8500-0aa10-0aa0_firmware< 3.003.00
siemens7kg8500-0aa10-2aa0_firmware< 3.003.00
siemens7kg8500-0aa30-0aa0_firmware< 3.003.00
siemens7kg8500-0aa30-2aa0_firmware< 3.003.00
siemens7kg8501-0aa01-0aa0_firmware< 3.003.00
siemens7kg8501-0aa01-2aa0_firmware< 3.003.00
siemens7kg8501-0aa02-0aa0_firmware< 3.003.00
siemens7kg8501-0aa02-2aa0_firmware< 3.003.00
siemens7kg8501-0aa11-0aa0_firmware< 3.003.00
siemens7kg8501-0aa11-2aa0_firmware< 3.003.00
siemens7kg8501-0aa12-0aa0_firmware< 3.003.00
siemens7kg8501-0aa12-2aa0_firmware< 3.003.00
siemens7kg8501-0aa31-0aa0_firmware< 3.003.00
siemens7kg8501-0aa31-2aa0_firmware< 3.003.00
siemens7kg8501-0aa32-0aa0_firmware< 3.003.00
siemens7kg8501-0aa32-2aa0_firmware< 3.003.00
siemens7kg8550-0aa00-0aa0_firmware< 3.003.00
siemens7kg8550-0aa00-2aa0_firmware< 3.003.00
siemens7kg8550-0aa10-0aa0_firmware< 3.003.00
siemens7kg8550-0aa10-2aa0_firmware< 3.003.00
siemens7kg8550-0aa30-0aa0_firmware< 3.003.00
siemens7kg8550-0aa30-2aa0_firmware< 3.003.00
siemens7kg8551-0aa01-0aa0_firmware< 3.003.00