CVE-2022-46352Uncontrolled Resource Consumption in Siemens Scalance X204rna

CWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 32.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Siemens 6gk5204-0ba00-2kb2 FirmwareSiemens 6gk5204-0ba00-2mb2 FirmwareSiemens 6gk5204-0bs00-2na3 Firmware+4 more
Timeline
PublishedDec 13

Description

A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). Specially crafted PROFINET DCP packets could cause a denial of service condition of affected products.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages7 packages

CVEListV5siemens/scalance_x204rnaAll versions < V3.2.7
CVEListV5siemens/scalance_x204rna_eecAll versions < V3.2.7

Patches

Patch: cert-portal.siemens.comPatch: cert-portal.siemens.com

🔴Vulnerability Details

2
CVEList
CVE-2022-46352: A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V32022-12-13
GHSA
GHSA-8hgr-9vmc-8gqj: A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V32022-12-13
CVE-2022-46352 — Uncontrolled Resource Consumption | cvebase