CVE-2022-34663 — Code Injection in Siemens Ruggedcom I800

CWE-94 — Code Injection3 documents3 sources

Severity

8.0HIGHNVD

EPSS

0.5%

top 34.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

153

Siemens Ruggedcom I800 Siemens Ruggedcom I800nc Siemens Ruggedcom I801 +150 more

Timeline

PublishedJul 12

Latest updateJul 13

Description

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP1…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages153 packages

▶CVEListV5siemens/ruggedcom_rs900mnc-gets-xx< V4.3.8

▶CVEListV5siemens/ruggedcom_rs900mnc-stnd-xx< V4.3.8

▶CVEListV5siemens/ruggedcom_rs900mnc-gets-c01< V4.3.8

▶CVEListV5siemens/ruggedcom_rs900mnc-stnd-xx-c01< V4.3.8

▶CVEListV5siemens/ruggedcom_rs900m-gets-xx< V4.3.8

Patches

Patch: cert-portal.siemens.com ↗Patch: cert-portal.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-x5vm-27gq-cv9h: A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGG↗2022-07-13

▶

CVEList

CVE-2022-34663: A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM↗2022-07-12

▶