CVE-2022-31766

{"id": "CVE-2022-31766", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "productcert@siemens.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2022-10-11T11:15:09.810", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets.\r\nThis could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (Todas las versiones anteriores a V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (Todas las versiones anteriores a V7.1.2), SCALANCE M804PB (Todas las versiones anteriores a V7.1. 2), SCALANCE M812-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1.2), SCALANCE M812-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M816-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1. 2), SCALANCE M816-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M826-2 SHDSL-Router (Todas las versiones anteriores a V7.1.2), SCALANCE M874-2 (Todas las versiones anteriores a V7.1.2), SCALANCE M874-3 (Todas las versiones anteriores a V7. 1.2), SCALANCE M876-3 (EVDO) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-3 (ROK) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (NAM) (Todas las versiones anteriores a V7. 1.2), SCALANCE MUM853-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (RoW) (Todas las versiones anteriores a V7.1.2), SCALANCE S615 (Todas las versiones anteriores a V7. 1.2), SCALANCE WAM763-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 6GHz (Todas las versiones posteriores a V1.1. 0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WAM766-1 EEC 6GHz (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM763-1 (Todas las versiones posteriores a V1. 1.0 incluy\u00e9ndola), SCALANCE WUM763-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola), SCALANCE WUM766-1 6GHz (Todas las versiones posteriores a V1.1.0 incluy\u00e9ndola). Los dispositivos afectados con el servicio de eventos TCP activado no manejan apropiadamente los paquetes malformados. Esto podr\u00eda permitir a un atacante remoto no autenticado causar una denegaci\u00f3n de servicio y reiniciar el dispositivo, lo que podr\u00eda afectar a otros recursos de red"}], "lastModified": "2023-11-07T03:47:41.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0929F4C-9E86-4716-817F-DFACA179B3A2", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "284DF779-D900-48B4-A177-7281CD445AB5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE36E468-BED7-4F69-B96B-37475B898698", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A20C960-61EB-4C18-AD1B-A4D3D51D16C0", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "31EAEF72-8B41-44E0-A33B-753AF85A3106"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07969DC2-4B5F-4E16-8537-2AF2ADCE2F6F", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5908438F-2575-46EB-AC96-5F33D018AFAC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AED73587-12BD-4F94-BCFB-16AD60B1A973", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DBB2514-5AFC-44C8-B514-938AFBDB38BD", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4488D9A-7EFD-49BB-B981-82FEAA32C4A6", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3854542-6F44-4444-B610-8E7FE364CFF4", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5B311B0-951A-49CF-9A46-8E01DE9A5079", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "424A24E1-78AF-4C83-B4BD-89D67E3A5A88", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum853-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6F56875A-B2B3-471F-ADAC-574C55E1D86A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF3B5A56-F9ED-44F8-A02D-246F83D160FF", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17BEBCAB-D640-4F6D-9579-4A54C76D80F8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4853998E-7671-4F78-BE2D-88D788686181", "versionEndExcluding": "7.1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_wam763-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EF8DB32-D523-43A3-B787-D5D391820D37", "versionStartIncluding": "1.1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1AAE316D-6BA6-4C3F-9EE1-E23E4CB6FD19"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C33F8E91-AAAE-458A-8690-2B69894DE9B7", "versionStartIncluding": "1.1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AA96B540-439B-4A1A-9D7D-C45AEFBC7BE6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_wum763-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB951482-45DB-4224-BD14-DFB54362AE80", "versionStartIncluding": "1.1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C501445F-BDF6-4A0A-85FD-E6BFBF0A3C6F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_wum766-1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C84B33EE-C895-434B-AB8F-53D4B54D1D1F", "versionStartIncluding": "1.1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4EB15599-F795-4D24-A4A6-CD826F6A7A13"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:*:*:*:*:*:*:ecc:*", "vulnerable": true, "matchCriteriaId": "57F1D7C6-7C13-4FFB-909C-B4B23A645F60", "versionStartIncluding": "1.1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:ecc:*", "vulnerable": false, "matchCriteriaId": "8168477E-7D2E-4575-8864-9B4FD152CD61"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "productcert@siemens.com"}