CVE-2022-26648

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X201-3P IRT PRO (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X202-2P IRT PRO (All versions), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions), SCALANCE X204IRT (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X204IRT PRO (All versions), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions), SCALANCE XF202-2P IRT (All versions), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF204IRT (All versions), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.

CVSS v3 8.2 HIGH
CVSS v2.0 7.8 HIGH

8.2^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.3 / Impact : 5.3

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope CHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf	Patch Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2fm_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2fm:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2ld:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:scalance_x204-2ts_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204-2ts:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:scalance_x206-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x206-1:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:scalance_x206-1ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x206-1ld:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:scalance_x208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x208:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:scalance_x208_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x208_pro:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:siemens:scalance_x212-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x212-2:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:siemens:scalance_x212-2ld_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x212-2ld:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:siemens:scalance_x216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x216:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:siemens:scalance_x224_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x224:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:siemens:scalance_xf204_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:siemens:scalance_xf204-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:siemens:scalance_xf206-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf206-1:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:siemens:scalance_xf208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf208:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x200-4p_irt:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x201-3p_irt:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:siemens:scalance_x202-2irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2irt:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2p_irt:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:siemens:scalance_x204irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204irt:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_x204irt_pro:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:siemens:scalance_xf204irt_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_xf204irt:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:54

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf - Patch, Vendor Advisory~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf - Patch, Vendor Advisory

15 Jul 2022, 17:26

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 7.8 v3 : 7.5
CPE		cpe:2.3:h:siemens:scalance_xf202-2p_irt:-:::::::* cpe:2.3:h:siemens:scalance_x204-2ld_ts:-:::::::* cpe:2.3:o:siemens:scalance_x206-1ld_firmware:::::::: cpe:2.3:h:siemens:scalance_x212-2:-:::::::* cpe:2.3:o:siemens:scalance_x202-2irt_firmware:::::::: cpe:2.3:h:siemens:scalance_xf204-2:-:::::::* cpe:2.3:o:siemens:scalance_x204-2fm_firmware:::::::: cpe:2.3:o:siemens:scalance_xf206-1_firmware:::::::: cpe:2.3:o:siemens:scalance_x204irt_pro_firmware:::::::: cpe:2.3:o:siemens:scalance_xf202-2p_irt_firmware:::::::: cpe:2.3:o:siemens:scalance_x204-2ld_ts_firmware:::::::: cpe:2.3:h:siemens:scalance_x216:-:::::::* cpe:2.3:h:siemens:scalance_xf204:-:::::::* cpe:2.3:o:siemens:scalance_x208_firmware:::::::: cpe:2.3:o:siemens:scalance_x201-3p_irt_pro_firmware:::::::: cpe:2.3:h:siemens:scalance_x200-4p_irt:-:::::::* cpe:2.3:o:siemens:scalance_x204-2_firmware:::::::: cpe:2.3:o:siemens:scalance_x204irt_firmware:::::::: cpe:2.3:o:siemens:scalance_x216_firmware:::::::: cpe:2.3:o:siemens:scalance_xf204-2_firmware:::::::: cpe:2.3:o:siemens:scalance_x204-2ts_firmware:::::::: cpe:2.3:h:siemens:scalance_x224:-:::::::* cpe:2.3:o:siemens:scalance_x201-3p_irt_firmware:::::::: cpe:2.3:h:siemens:scalance_x201-3p_irt:-:::::::* cpe:2.3:h:siemens:scalance_x208:-:::::::* cpe:2.3:o:siemens:scalance_x212-2ld_firmware:::::::: cpe:2.3:o:siemens:scalance_x212-2_firmware:::::::: cpe:2.3:h:siemens:scalance_x204irt:-:::::::* cpe:2.3:h:siemens:scalance_xf204irt:-:::::::* cpe:2.3:h:siemens:scalance_x204-2ld:-:::::::* cpe:2.3:h:siemens:scalance_x202-2p_irt_pro:-:::::::* cpe:2.3:o:siemens:scalance_x202-2p_irt_pro_firmware:::::::: cpe:2.3:h:siemens:scalance_x212-2ld:-:::::::* cpe:2.3:o:siemens:scalance_x200-4p_irt_firmware:::::::: cpe:2.3:h:siemens:scalance_x201-3p_irt_pro:-:::::::* cpe:2.3:h:siemens:scalance_x204-2fm:-:::::::* cpe:2.3:o:siemens:scalance_x206-1_firmware:::::::: cpe:2.3:h:siemens:scalance_xf201-3p_irt:-:::::::* cpe:2.3:h:siemens:scalance_x204-2ts:-:::::::* cpe:2.3:o:siemens:scalance_xf204irt_firmware:::::::: cpe:2.3:o:siemens:scalance_x202-2p_irt_firmware:::::::: cpe:2.3:o:siemens:scalance_x204-2ld_firmware:::::::: cpe:2.3:h:siemens:scalance_x202-2p_irt:-:::::::* cpe:2.3:h:siemens:scalance_x202-2irt:-:::::::* cpe:2.3:h:siemens:scalance_x208_pro:-:::::::* cpe:2.3:o:siemens:scalance_xf204-2ba_irt_firmware:::::::: cpe:2.3:h:siemens:scalance_x204irt_pro:-:::::::* cpe:2.3:h:siemens:scalance_xf204-2ba_irt:-:::::::* cpe:2.3:o:siemens:scalance_x208_pro_firmware:::::::: cpe:2.3:h:siemens:scalance_x204-2:-:::::::* cpe:2.3:o:siemens:scalance_xf208_firmware:::::::: cpe:2.3:o:siemens:scalance_x224_firmware:::::::: cpe:2.3:h:siemens:scalance_x206-1:-:::::::* cpe:2.3:o:siemens:scalance_xf204_firmware:::::::: cpe:2.3:h:siemens:scalance_xf206-1:-:::::::* cpe:2.3:h:siemens:scalance_xf208:-:::::::* cpe:2.3:h:siemens:scalance_x206-1ld:-:::::::* cpe:2.3:o:siemens:scalance_xf201-3p_irt_firmware::::::::
CWE		CWE-120
References	~~(CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf -~~	(CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf - Patch, Vendor Advisory

12 Jul 2022, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-07-12 10:15

Updated : 2024-11-21 06:54

NVD link : CVE-2022-26648

Mitre link : CVE-2022-26648

CVE.ORG link : CVE-2022-26648

JSON object : View

Products Affected

siemens

scalance_x202-2irt_firmware
scalance_xf204
scalance_xf202-2p_irt_firmware
scalance_xf201-3p_irt
scalance_x208
scalance_x204-2ld
scalance_x204-2fm_firmware
scalance_x224_firmware
scalance_x204irt_pro
scalance_x206-1ld
scalance_xf206-1
scalance_x212-2ld_firmware
scalance_xf204-2_firmware
scalance_x201-3p_irt_firmware
scalance_x204-2
scalance_x208_pro_firmware
scalance_x200-4p_irt
scalance_x202-2p_irt_pro_firmware
scalance_xf204_firmware
scalance_x212-2ld
scalance_xf204irt_firmware
scalance_x216_firmware
scalance_x201-3p_irt
scalance_x212-2_firmware
scalance_x202-2irt
scalance_x202-2p_irt_firmware
scalance_x208_firmware
scalance_x206-1
scalance_x204irt_firmware
scalance_x204irt
scalance_xf204-2ba_irt
scalance_x206-1ld_firmware
scalance_x201-3p_irt_pro_firmware
scalance_x204-2ld_firmware
scalance_x204-2fm
scalance_x212-2
scalance_xf204-2ba_irt_firmware
scalance_x224
scalance_x204-2_firmware
scalance_x208_pro
scalance_x216
scalance_x204-2ld_ts
scalance_x204-2ts_firmware
scalance_x201-3p_irt_pro
scalance_xf208_firmware
scalance_x202-2p_irt
scalance_x204irt_pro_firmware
scalance_x204-2ld_ts_firmware
scalance_xf208
scalance_xf202-2p_irt
scalance_x206-1_firmware
scalance_x202-2p_irt_pro
scalance_xf201-3p_irt_firmware
scalance_x204-2ts
scalance_xf204irt
scalance_xf206-1_firmware
scalance_xf204-2
scalance_x200-4p_irt_firmware

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

8.2 /10