ID

VAR-202212-1136


CVE

CVE-2022-46143


TITLE

Vulnerability in multiple Siemens products related to improper validation of quantities specified in inputs

Trust: 0.8

sources: JVNDB: JVNDB-2022-023553

DESCRIPTION

Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. The RUGGEDCOM RM1224 LTE(4G) EU firmware, RUGGEDCOM RM1224 LTE(4G) NAM firmware, SCALANCE M804PB and multiple other Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input. Information may be obtained. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers. The Siemens SCALANCE M-800/S615 series has an information disclosure vulnerability because the affected devices do not properly check the TFTP block size.

Trust: 2.16

sources: NVD: CVE-2022-46143 // JVNDB: JVNDB-2022-023553 // CNVD: CNVD-2023-97251

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-97251

AFFECTED PRODUCTS

vendor:siemensmodel:scalance m876-4scope:ltversion:v8.0

Trust: 1.8

vendor:siemensmodel:scalance m812-1 adsl-routerscope:ltversion:v8.0

Trust: 1.2

vendor:siemensmodel:scalance m816-1 adsl-routerscope:ltversion:v8.0

Trust: 1.2

vendor:siemensmodel:scalance m876-3scope:ltversion:v8.0

Trust: 1.2

vendor:siemensmodel:scalance mum856-1scope:ltversion:v8.0

Trust: 1.2

vendor:siemensmodel:scalance w778-1 m12 eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w788-2 m12scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance m812-1 adsl-routerscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xc206-2g poe eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance sc636-2cscope:ltversion:2.3

Trust: 1.0

vendor:siemensmodel:scalance xp208eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w1788-2 eec m12scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w788-1 m12scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xb213-3ldscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w761-1 rj45scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w774-1 m12 eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w1788-2ia m12scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xf204-2bascope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc208 eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xp216poe eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc224scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc216-4cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance mum853-1scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance w786-2 sfpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xp216eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:siplus net scalance xc208scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:ruggedcom rm1224 lte\ euscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xr326-2c poescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xb213-3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w721-1 rj45scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xc206-2sfp eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:siplus net scalance xc216-4cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wam766-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w1788-2 m12scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xp208scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xr328-4c wgscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xb205-3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w788-1 rj45scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc224-4c g eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc216scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance m816-1 adsl-routerscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance s615 eecscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance m804pbscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xr524-8cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:siplus net scalance xc206-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc206-2g poescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance sc622-2cscope:ltversion:2.3

Trust: 1.0

vendor:siemensmodel:ruggedcom rm1224 lte\ namscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance w786-2ia rj45scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc216eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wum763-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wum766-1 6ghzscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc216-4c gscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance m876-4scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xf204 dnascope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wam766-1 6ghzscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance m826-2 shdsl-routerscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xm416-4cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w738-1 m12scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance w1788-1 m12scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xp208poe eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc208 poescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xr526-8cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc206-2sfp g eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wam766-1 eccscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w748-1 m12scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xc224-4c gscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w774-1 rj45scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xr552-12mscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance s615scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance w722-1 rj45scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xm408-4cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc206-2sfp gscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w774-1 m12 rj45scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance sc632-2cscope:ltversion:2.3

Trust: 1.0

vendor:siemensmodel:scalance w734-1 rj45scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance sc646-2cscope:ltversion:2.3

Trust: 1.0

vendor:siemensmodel:scalance m874-3scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance sc626-2cscope:ltversion:2.3

Trust: 1.0

vendor:siemensmodel:scalance xc216-3g poescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w786-2 rj45scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xr528-6mscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w1748-1 m12scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w786-1 rj45scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xm408-8cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance m874-2scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance wam763-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w778-1 m12scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wum766-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc206-2sfpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc208scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xp216scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance sc642-2cscope:ltversion:2.3

Trust: 1.0

vendor:siemensmodel:scalance xb216scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc216-4c g eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xr324wgscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xc206-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xr326-2cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:siplus net scalance xc206-2sfpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w788-2 m12 eecscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance mum856-1scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance m876-3scope:eqversion:*

Trust: 1.0

vendor:siemensmodel:scalance xb208scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xf204scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xb205-3ldscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance xf204-2bca dnascope:eqversion: -

Trust: 1.0

vendor:シーメンスmodel:scalance s615 eecscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m812-1 adsl-routerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m876-4scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance s615scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:ruggedcom rm1224 lte euscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance sc-622-2cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance sc-636-2cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:ruggedcom rm1224 lte namscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m816-1 adsl-routerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance mum856-1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m876-3scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance sc626-2cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m874-3scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance sc-642-2cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance mum853-1scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m826-2 shdsl-routerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m804pbscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance sc-646-2cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance sc-632-2cscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:scalance m874-2scope: - version: -

Trust: 0.8

vendor:siemensmodel:ruggedcom rm1224 lte euscope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:ruggedcom rm1224 lte namscope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance m804pbscope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance m826-2 shdsl-routerscope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance m874-2scope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance m874-3scope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance mum853-1scope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance s615scope:ltversion:v8.0

Trust: 0.6

vendor:siemensmodel:scalance s615 eecscope:ltversion:v8.0

Trust: 0.6

sources: CNVD: CNVD-2023-97251 // JVNDB: JVNDB-2022-023553 // NVD: CVE-2022-46143

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2022-46143
value: LOW

Trust: 1.0

nvd@nist.gov: CVE-2022-46143
value: LOW

Trust: 1.0

OTHER: JVNDB-2022-023553
value: LOW

Trust: 0.8

CNVD: CNVD-2023-97251
value: LOW

Trust: 0.6

CNNVD: CNNVD-202212-3089
value: LOW

Trust: 0.6

CNVD: CNVD-2023-97251
severity: LOW
baseScore: 3.3
vectorString: AV:N/AC:L/AU:M/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: MULTIPLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2022-46143
baseSeverity: LOW
baseScore: 2.7
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.2
impactScore: 1.4
version: 3.1

Trust: 2.0

OTHER: JVNDB-2022-023553
baseSeverity: LOW
baseScore: 2.7
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-97251 // JVNDB: JVNDB-2022-023553 // CNNVD: CNNVD-202212-3089 // NVD: CVE-2022-46143 // NVD: CVE-2022-46143

PROBLEMTYPE DATA

problemtype:CWE-1284

Trust: 1.0

problemtype:Improper validation of quantity specified in input (CWE-1284) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-023553 // NVD: CVE-2022-46143

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-3089

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202212-3089

PATCH

title: Patch for Siemens SCALANCE M-800/S615 series information leakage vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/500346

Trust: 0.6

title: Siemens part of the product Security vulnerabilities
url: http://123.124.177.30/web/xxk/bdxqById.tag?id=218338

Trust: 0.6

sources: CNVD: CNVD-2023-97251 // CNNVD: CNNVD-202212-3089

EXTERNAL IDS

db:NVDid:CVE-2022-46143

Trust: 3.8

db:SIEMENSid:SSA-413565

Trust: 2.4

db:SIEMENSid:SSA-180704

Trust: 1.6

db:ICS CERTid:ICSA-22-349-04

Trust: 1.4

db:JVNid:JVNVU91561630

Trust: 0.8

db:JVNDBid:JVNDB-2022-023553

Trust: 0.8

db:CNVDid:CNVD-2023-97251

Trust: 0.6

db:CNNVDid:CNNVD-202212-3089

Trust: 0.6

sources: CNVD: CNVD-2023-97251 // JVNDB: JVNDB-2022-023553 // CNNVD: CNNVD-202212-3089 // NVD: CVE-2022-46143

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf

Trust: 2.4

url:https://cert-portal.siemens.com/productcert/html/ssa-180704.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/html/ssa-413565.html

Trust: 1.0

url:https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf

Trust: 1.0

url:https://jvn.jp/vu/jvnvu91561630/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-46143

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-04

Trust: 0.8

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-349-04

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-46143/

Trust: 0.6

sources: CNVD: CNVD-2023-97251 // JVNDB: JVNDB-2022-023553 // CNNVD: CNNVD-202212-3089 // NVD: CVE-2022-46143

CREDITS

Siemens reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202212-3089

SOURCES

db:CNVDid:CNVD-2023-97251
db:JVNDBid:JVNDB-2022-023553
db:CNNVDid:CNNVD-202212-3089
db:NVDid:CVE-2022-46143

LAST UPDATE DATE

2024-08-14T12:11:36.523000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-97251date:2023-12-13T00:00:00
db:JVNDBid:JVNDB-2022-023553date:2023-11-29T03:03:00
db:CNNVDid:CNNVD-202212-3089date:2022-12-20T00:00:00
db:NVDid:CVE-2022-46143date:2024-08-13T08:15:05.483

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-97251date:2023-12-14T00:00:00
db:JVNDBid:JVNDB-2022-023553date:2023-11-29T00:00:00
db:CNNVDid:CNNVD-202212-3089date:2022-12-13T00:00:00
db:NVDid:CVE-2022-46143date:2022-12-13T16:15:25.137