CVE-2022-34464
published 2022-07-12CVE-2022-34464: A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). The affected application uses an improperly protected file to import…
PriorityP424medium5.5CVSS 3.1
AVLACLPRLUINSUCNIHAN
EPSS
0.37%
29.0th percentile
A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key to that file.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sicam_gridedge | < V2.7.3 | V2.7.3 |
| siemens | sicam_gridedge_essential_gds_intel | < 2.7.3 | 2.7.3 |
| siemens | sicam_gridedge_essential_intel | < 2.7.3 | 2.7.3 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv4.05.3MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens SICAM GridEdge
cisa_ics·2022-07-14·CVSS 5.3
[MEDIUM] Siemens SICAM GridEdge
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens SICAM GridEdge
Last RevisedJuly 14, 2022
Alert CodeICSA-22-195-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 6.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SICAM GridEdge
- Vulnerability: Exposure of Resource to Wrong Sphere
## 2. RISK EVALUATION
The SICAM GridEdge software contains an improper access control vulnerability, which could allow persons with local access to the host system to inject an SSH key.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of SICAM GridEdge are affected:
- SICAM GridEdge
GHSA
GHSA-xp6h-v5w9-gwqx: A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2
ghsa_unreviewed·2022-07-13
CVE-2022-34464 [MEDIUM] CWE-552 GHSA-xp6h-v5w9-gwqx: A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.3). Affected software uses an improperly protected file to import SSH keys. Attackers with access to the filesystem of the host on which SICAM GridEdge runs, are able to inject a custom SSH key to that file.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-07-12
Published