CVE-2022-31766

Severity Score

8.6

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE S615 EEC (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.

Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (Todas las versiones anteriores a V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (Todas las versiones anteriores a V7.1.2), SCALANCE M804PB (Todas las versiones anteriores a V7.1. 2), SCALANCE M812-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1.2), SCALANCE M812-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M816-1 ADSL-Router (Anexo A) (Todas las versiones anteriores a V7.1. 2), SCALANCE M816-1 ADSL-Router (Anexo B) (Todas las versiones anteriores a V7.1.2), SCALANCE M826-2 SHDSL-Router (Todas las versiones anteriores a V7.1.2), SCALANCE M874-2 (Todas las versiones anteriores a V7.1.2), SCALANCE M874-3 (Todas las versiones anteriores a V7. 1.2), SCALANCE M876-3 (EVDO) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-3 (ROK) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE M876-4 (NAM) (Todas las versiones anteriores a V7. 1.2), SCALANCE MUM853-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (EU) (Todas las versiones anteriores a V7.1.2), SCALANCE MUM856-1 (RoW) (Todas las versiones anteriores a V7.1.2), SCALANCE S615 (Todas las versiones anteriores a V7. 1.2), SCALANCE WAM763-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 6GHz (Todas las versiones posteriores a V1.1. 0 incluyéndola), SCALANCE WAM766-1 EEC (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 EEC (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WAM766-1 EEC 6GHz (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM763-1 (Todas las versiones posteriores a V1. 1.0 incluyéndola), SCALANCE WUM763-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 (Todas las versiones posteriores a V1.1.0 incluyéndola), SCALANCE WUM766-1 6GHz (Todas las versiones posteriores a V1.1.0 incluyéndola). Los dispositivos afectados con el servicio de eventos TCP activado no manejan apropiadamente los paquetes malformados. Esto podría permitir a un atacante remoto no autenticado causar una denegación de servicio y reiniciar el dispositivo, lo que podría afectar a otros recursos de red

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.1.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.1.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.1.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.1.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.1.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.1.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.1.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.1.2), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions >= V1.1.0 < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions >= V1.1.0 < V3.0.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-05-27 CVE Reserved
2022-10-11 CVE Published
2025-02-11 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (2)

URL	Tag	Source
https://cert-portal.siemens.com/productcert/html/ssa-697140.html

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"	Ruggedcom Rm1224 Firmware Search vendor "Siemens" for product "Ruggedcom Rm1224 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Ruggedcom Rm1224 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Ruggedcom Rm1224 Search vendor "Siemens" for product "Ruggedcom Rm1224"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M804pb Firmware Search vendor "Siemens" for product "Scalance M804pb Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance M804pb Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M804pb Search vendor "Siemens" for product "Scalance M804pb"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M812-1 Firmware Search vendor "Siemens" for product "Scalance M812-1 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance M812-1 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M812-1 Search vendor "Siemens" for product "Scalance M812-1"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M816-1 Firmware Search vendor "Siemens" for product "Scalance M816-1 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance M816-1 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M816-1 Search vendor "Siemens" for product "Scalance M816-1"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M826-2 Firmware Search vendor "Siemens" for product "Scalance M826-2 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance M826-2 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M826-2 Search vendor "Siemens" for product "Scalance M826-2"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M874-2 Firmware Search vendor "Siemens" for product "Scalance M874-2 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance M874-2 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M874-2 Search vendor "Siemens" for product "Scalance M874-2"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M874-3 Firmware Search vendor "Siemens" for product "Scalance M874-3 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance M874-3 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M874-3 Search vendor "Siemens" for product "Scalance M874-3"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M876-3 Firmware Search vendor "Siemens" for product "Scalance M876-3 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance M876-3 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M876-3 Search vendor "Siemens" for product "Scalance M876-3"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance M876-4 Firmware Search vendor "Siemens" for product "Scalance M876-4 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance M876-4 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance M876-4 Search vendor "Siemens" for product "Scalance M876-4"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance Mum853-1 Firmware Search vendor "Siemens" for product "Scalance Mum853-1 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance Mum853-1 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance Mum853-1 Search vendor "Siemens" for product "Scalance Mum853-1"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance Mum856-1 Firmware Search vendor "Siemens" for product "Scalance Mum856-1 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance Mum856-1 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance Mum856-1 Search vendor "Siemens" for product "Scalance Mum856-1"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance S615 Firmware Search vendor "Siemens" for product "Scalance S615 Firmware"	< 7.1.2 Search vendor "Siemens" for product "Scalance S615 Firmware" and version " < 7.1.2"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance S615 Search vendor "Siemens" for product "Scalance S615"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance Wam763-1 Firmware Search vendor "Siemens" for product "Scalance Wam763-1 Firmware"	>= 1.1.0 Search vendor "Siemens" for product "Scalance Wam763-1 Firmware" and version " >= 1.1.0"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance Wam763-1 Search vendor "Siemens" for product "Scalance Wam763-1"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance Wam766-1 Firmware Search vendor "Siemens" for product "Scalance Wam766-1 Firmware"	>= 1.1.0 Search vendor "Siemens" for product "Scalance Wam766-1 Firmware" and version " >= 1.1.0"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance Wam766-1 Search vendor "Siemens" for product "Scalance Wam766-1"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance Wum763-1 Firmware Search vendor "Siemens" for product "Scalance Wum763-1 Firmware"	>= 1.1.0 Search vendor "Siemens" for product "Scalance Wum763-1 Firmware" and version " >= 1.1.0"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance Wum763-1 Search vendor "Siemens" for product "Scalance Wum763-1"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance Wum766-1 Firmware Search vendor "Siemens" for product "Scalance Wum766-1 Firmware"	>= 1.1.0 Search vendor "Siemens" for product "Scalance Wum766-1 Firmware" and version " >= 1.1.0"	-	Affected	in	Siemens Search vendor "Siemens"	Scalance Wum766-1 Search vendor "Siemens" for product "Scalance Wum766-1"	-	-	Safe
Siemens Search vendor "Siemens"	Scalance Wam766-1 Firmware Search vendor "Siemens" for product "Scalance Wam766-1 Firmware"	>= 1.1.0 Search vendor "Siemens" for product "Scalance Wam766-1 Firmware" and version " >= 1.1.0"	ecc	Affected	in	Siemens Search vendor "Siemens"	Scalance Wam766-1 Search vendor "Siemens" for product "Scalance Wam766-1"	-	ecc	Safe