CVE-2022-40227

CWE-20Improper Input Validation3 documents3 sources
Severity
7.5HIGH
EPSS
0.1%
top 72.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
20
Siemens Simatic HMI Comfort Panels FirmwareSiemens Simatic HMI Ktp1200 Basic FirmwareSiemens Simatic HMI Ktp400 Basic Firmware+17 more
Timeline
PublishedOct 11

Description

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V17 Update 4), SIMATIC HMI KTP Mobile Panels (All versions < V17 Update 4), SIMATIC HMI KTP1200 Basic (All versions < V17 Update 5), SIMATIC HMI KTP400 Basic (All versions < V17 Update 5), SIMATIC HMI KTP700 Basic (All versions < V17 Update 5), SIMATIC HMI KTP900 Basic (All versions < V17 Update 5), SIPLUS HMI KTP1200 BASIC (All versions < V17 Update 5), SIPLUS HMI KTP400 BASIC (All versions

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages20 packages

CVEListV5siemens/simatic_hmi_ktp400_basicAll versions < V17 Update 5

🔴Vulnerability Details

2
CVEList
CVE-2022-40227: A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl2022-10-11
GHSA
GHSA-3w5w-5g86-h65c: A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl2022-10-11
CVE-2022-40227 (HIGH CVSS 7.5) | A vulnerability has been identified | cvebase.io