cbcvebase.
CVE-2022-36323
published 2022-08-10

CVE-2022-36323: Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or…

high7.2CVSS 4.0
AVNACLPRHUINSUCHIHAH
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

Affected

119 ranges· showing 25
VendorProductVersion rangeFixed in
siemens6ag1206-2bb00-7ac2_firmware< 4.54.5
siemens6ag1206-2bs00-7ac2_firmware< 4.54.5
siemens6ag1208-0ba00-7ac2_firmware< 4.54.5
siemens6ag1216-4bs00-7ac2_firmware< 4.54.5
siemens6gk5204-0ba00-2gf2_firmware< 4.54.5
siemens6gk5204-0ba00-2yf2_firmware< 4.54.5
siemens6gk5204-2aa00-2gf2_firmware< 4.54.5
siemens6gk5204-2aa00-2yf2_firmware< 4.54.5
siemens6gk5205-3bb00-2ab2_firmware< 4.54.5
siemens6gk5205-3bb00-2tb2_firmware< 4.54.5
siemens6gk5205-3bd00-2ab2_firmware< 4.54.5
siemens6gk5205-3bd00-2tb2_firmware< 4.54.5
siemens6gk5205-3bf00-2ab2_firmware< 4.54.5
siemens6gk5205-3bf00-2tb2_firmware<= 4.5
siemens6gk5206-2bb00-2ac2_firmware< 4.54.5
siemens6gk5206-2bd00-2ac2_firmware< 4.54.5
siemens6gk5206-2bs00-2ac2_firmware< 4.54.5
siemens6gk5206-2bs00-2fc2_firmware< 4.54.5
siemens6gk5206-2gs00-2ac2_firmware< 4.54.5
siemens6gk5206-2gs00-2fc2_firmware< 4.54.5
siemens6gk5206-2gs00-2tc2_firmware< 4.54.5
siemens6gk5206-2rs00-2ac2_firmware< 4.54.5
siemens6gk5206-2rs00-5ac2_firmware< 4.54.5
siemens6gk5206-2rs00-5fc2_firmware< 4.54.5
siemens6gk5208-0ba00-2ab2_firmware< 4.54.5

CVSS provenance

nvdv4.09.4CRITICALCVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv3.17.2HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H