CVE-2022-26648
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). Affected devices do not properly validate the GET parameter XNo of incoming HTTP requests. This could allow an unauthenticated remote attacker to crash affected devices.
Se ha identificado una vulnerabilidad en SCALANCE X200-4P IRT (Todas las versiones), SCALANCE X200-4P IRT (Todas las versiones), SCALANCE X201-3P IRT (Todas las versiones), SCALANCE X201-3P IRT (Todas las versiones), SCALANCE X201-3P IRT PRO (Todas las versiones) SCALANCE X202-2IRT (Todas las versiones), SCALANCE X202-2IRT (Todas las versiones), SCALANCE X202-2P IRT (Todas las versiones), SCALANCE X202-2P IRT (Todas las versiones), SCALANCE X202-2P IRT PRO (Todas las versiones), SCALANCE X202-2P IRT PRO (Todas las versiones), SCALANCE X204-2 (Todas las versiones anteriores a V5. 2.6), SCALANCE X204-2FM (Todas las versiones anteriores a V5.2.6), SCALANCE X204-2LD (Todas las versiones anteriores a V5.2.6), SCALANCE X204-2LD TS (Todas las versiones anteriores a V5.2.6), SCALANCE X204-2TS (Todas las versiones anteriores a V5.2. 6), SCALANCE X204IRT (Todas las versiones), SCALANCE X204IRT (Todas las versiones), SCALANCE X204IRT PRO (Todas las versiones), SCALANCE X204IRT PRO (Todas las versiones), SCALANCE X206-1 (Todas las versiones anteriores a V5.2.6), SCALANCE X206-1LD (Todas las versiones anteriores a V5. 2.6), SCALANCE X208 (Todas las versiones anteriores a V5.2.6), SCALANCE X208PRO (Todas las versiones anteriores a V5.2.6), SCALANCE X212-2 (Todas las versiones anteriores a V5.2.6), SCALANCE X212-2LD (Todas las versiones anteriores a V5.2.6), SCALANCE X216 (Todas las versiones anteriores a V5. 2.6), SCALANCE X224 (Todas las versiones anteriores a V5.2.6), SCALANCE XF201-3P IRT (Todas las versiones), SCALANCE XF202-2P IRT (Todas las versiones), SCALANCE XF204 (Todas las versiones anteriores a V5.2.6), SCALANCE XF204-2 (Todas las versiones anteriores a V5. 2.6), SCALANCE XF204-2BA IRT (Todas las versiones), SCALANCE XF204IRT (Todas las versiones), SCALANCE XF204IRT (Todas las versiones), SCALANCE XF206-1 (Todas las versiones anteriores a V5.2.6), SCALANCE XF208 (Todas las versiones anteriores a V5.2.6). Los dispositivos afectados no comprueban correctamente el parĂ¡metro GET XNo de las peticiones HTTP entrantes. Esto podrĂa permitir a un atacante remoto no autenticado bloquear los dispositivos afectados
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-03-07 CVE Reserved
- 2022-07-12 CVE Published
- 2024-02-02 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf | 2023-04-11 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Scalance X204-2 Firmware Search vendor "Siemens" for product "Scalance X204-2 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X204-2 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X204-2 Search vendor "Siemens" for product "Scalance X204-2" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X204-2fm Firmware Search vendor "Siemens" for product "Scalance X204-2fm Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X204-2fm Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X204-2fm Search vendor "Siemens" for product "Scalance X204-2fm" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X204-2ld Firmware Search vendor "Siemens" for product "Scalance X204-2ld Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X204-2ld Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X204-2ld Search vendor "Siemens" for product "Scalance X204-2ld" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X204-2ld Ts Firmware Search vendor "Siemens" for product "Scalance X204-2ld Ts Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X204-2ld Ts Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X204-2ld Ts Search vendor "Siemens" for product "Scalance X204-2ld Ts" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X204-2ts Firmware Search vendor "Siemens" for product "Scalance X204-2ts Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X204-2ts Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X204-2ts Search vendor "Siemens" for product "Scalance X204-2ts" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X206-1 Firmware Search vendor "Siemens" for product "Scalance X206-1 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X206-1 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X206-1 Search vendor "Siemens" for product "Scalance X206-1" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X206-1ld Firmware Search vendor "Siemens" for product "Scalance X206-1ld Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X206-1ld Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X206-1ld Search vendor "Siemens" for product "Scalance X206-1ld" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X208 Firmware Search vendor "Siemens" for product "Scalance X208 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X208 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X208 Search vendor "Siemens" for product "Scalance X208" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X208 Pro Firmware Search vendor "Siemens" for product "Scalance X208 Pro Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X208 Pro Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X208 Pro Search vendor "Siemens" for product "Scalance X208 Pro" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X212-2 Firmware Search vendor "Siemens" for product "Scalance X212-2 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X212-2 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X212-2 Search vendor "Siemens" for product "Scalance X212-2" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X212-2ld Firmware Search vendor "Siemens" for product "Scalance X212-2ld Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X212-2ld Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X212-2ld Search vendor "Siemens" for product "Scalance X212-2ld" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X216 Firmware Search vendor "Siemens" for product "Scalance X216 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X216 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X216 Search vendor "Siemens" for product "Scalance X216" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X224 Firmware Search vendor "Siemens" for product "Scalance X224 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance X224 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X224 Search vendor "Siemens" for product "Scalance X224" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf204 Firmware Search vendor "Siemens" for product "Scalance Xf204 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance Xf204 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf204 Search vendor "Siemens" for product "Scalance Xf204" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf204-2 Firmware Search vendor "Siemens" for product "Scalance Xf204-2 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance Xf204-2 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf204-2 Search vendor "Siemens" for product "Scalance Xf204-2" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf206-1 Firmware Search vendor "Siemens" for product "Scalance Xf206-1 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance Xf206-1 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf206-1 Search vendor "Siemens" for product "Scalance Xf206-1" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf208 Firmware Search vendor "Siemens" for product "Scalance Xf208 Firmware" | < 5.2.6 Search vendor "Siemens" for product "Scalance Xf208 Firmware" and version " < 5.2.6" | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf208 Search vendor "Siemens" for product "Scalance Xf208" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X200-4p Irt Firmware Search vendor "Siemens" for product "Scalance X200-4p Irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X200-4p Irt Search vendor "Siemens" for product "Scalance X200-4p Irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X201-3p Irt Firmware Search vendor "Siemens" for product "Scalance X201-3p Irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X201-3p Irt Search vendor "Siemens" for product "Scalance X201-3p Irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X201-3p Irt Pro Firmware Search vendor "Siemens" for product "Scalance X201-3p Irt Pro Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X201-3p Irt Pro Search vendor "Siemens" for product "Scalance X201-3p Irt Pro" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X202-2irt Firmware Search vendor "Siemens" for product "Scalance X202-2irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X202-2irt Search vendor "Siemens" for product "Scalance X202-2irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X202-2p Irt Firmware Search vendor "Siemens" for product "Scalance X202-2p Irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X202-2p Irt Search vendor "Siemens" for product "Scalance X202-2p Irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X202-2p Irt Pro Firmware Search vendor "Siemens" for product "Scalance X202-2p Irt Pro Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X202-2p Irt Pro Search vendor "Siemens" for product "Scalance X202-2p Irt Pro" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X204irt Firmware Search vendor "Siemens" for product "Scalance X204irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X204irt Search vendor "Siemens" for product "Scalance X204irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance X204irt Pro Firmware Search vendor "Siemens" for product "Scalance X204irt Pro Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance X204irt Pro Search vendor "Siemens" for product "Scalance X204irt Pro" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf201-3p Irt Firmware Search vendor "Siemens" for product "Scalance Xf201-3p Irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf201-3p Irt Search vendor "Siemens" for product "Scalance Xf201-3p Irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf202-2p Irt Firmware Search vendor "Siemens" for product "Scalance Xf202-2p Irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf202-2p Irt Search vendor "Siemens" for product "Scalance Xf202-2p Irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf204-2ba Irt Firmware Search vendor "Siemens" for product "Scalance Xf204-2ba Irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf204-2ba Irt Search vendor "Siemens" for product "Scalance Xf204-2ba Irt" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Scalance Xf204irt Firmware Search vendor "Siemens" for product "Scalance Xf204irt Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Scalance Xf204irt Search vendor "Siemens" for product "Scalance Xf204irt" | - | - |
Safe
|