CVE-2022-43439

CWE-20 — Improper Input Validation3 documents3 sources

Severity

8.8HIGH

EPSS

2.0%

top 16.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Power Meter Sicam Q100 Siemens Sicam T Siemens 7kg9501-0aa01-2aa1 Firmware +3 more

Timeline

PublishedNov 8

Description

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions < V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 3.1 | Impact: 6.0

Affected Packages6 packages

▶CVEListV5siemens/sicam_p850All versions < V3.10

▶CVEListV5siemens/power_meter_sicam_q100< V2.50

▶CVEListV5siemens/sicam_p855All versions < V3.10

▶CVEListV5siemens/sicam_t< V3.0

▶NVDsiemens/7kg9501-0aa01-2aa1_firmware< 2.50

Patches

Patch: cert-portal.siemens.com ↗Patch: cert-portal.siemens.com ↗

🔴Vulnerability Details

GHSA

GHSA-hj8w-fgm6-wx7w: A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2↗2022-11-08

▶

CVEList

CVE-2022-43439: A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2↗2022-11-08

▶