Vulnerability-Lookup

Affected: All versions < V2.50

Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50
Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50
Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_q100_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_q100_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2.50",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_p850_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_p850_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:siemens:sicam_p855_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "sicam_p855_firmware",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "3.10",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-43546",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T17:16:01.044378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-21T16:08:33.311Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10). Affected devices do not properly validate the EndTime-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:58:41.480Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43546",
    "datePublished": "2022-11-08T00:00:00.000Z",
    "dateReserved": "2022-10-20T00:00:00.000Z",
    "dateUpdated": "2024-10-21T16:08:33.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-43439 (GCVE-0-2022-43439)

Vulnerability from cvelistv5 – Published: 2022-11-08 00:00 – Updated: 2025-12-09 10:44

Summary

A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions < V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions < V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions < V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions < V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions < V3.10), SICAM T (All versions < V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Severity ?

9.9 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE

CWE-20 - Improper Input Validation

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/html/…
	https://cert-portal.siemens.com/productcert/html/…
	https://cert-portal.siemens.com/productcert/html/…
	https://cert-portal.siemens.com/productcert/html/…

Impacted products

Vendor

Product

Version

Affected: 0 , < V2.50 (custom)

Siemens	POWER METER SICAM Q100	Affected: 0 , < V2.50 (custom)
Siemens	POWER METER SICAM Q100	Affected: 0 , < V2.50 (custom)
Siemens	POWER METER SICAM Q100	Affected: 0 , < V2.50 (custom)
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM T	Affected: 0 , < V3.0 (custom)

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.174Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.50",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM T",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions \u003c V2.50), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions \u003c V2.50), SICAM P850 (7KG8500-0AA00-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA02-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA02-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA11-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA11-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA12-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA12-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA31-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA31-2AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA32-0AA0) (All versions \u003c V3.10), SICAM P850 (7KG8501-0AA32-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA00-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA00-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA10-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA10-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA30-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8550-0AA30-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA01-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA01-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA02-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA02-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA11-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA11-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA12-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA12-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA31-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA31-2AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA32-0AA0) (All versions \u003c V3.10), SICAM P855 (7KG8551-0AA32-2AA0) (All versions \u003c V3.10), SICAM T (All versions \u003c V3.0). Affected devices do not properly validate the Language-parameter in requests to the web interface on port  443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-09T10:44:06.193Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-572005.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-570294.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-887249.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-471761.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43439",
    "datePublished": "2022-11-08T00:00:00.000Z",
    "dateReserved": "2022-10-19T00:00:00.000Z",
    "dateUpdated": "2025-12-09T10:44:06.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-43398 (GCVE-0-2022-43398)

Vulnerability from cvelistv5 – Published: 2022-11-08 00:00 – Updated: 2024-08-03 13:32

Summary

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies. An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user's account through the activated session.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE

CWE-384 - Session Fixation

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/pdf/s…

Impacted products

Vendor

Product

Version

Affected: All versions < V2.50

Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50
Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50
Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:58.148Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies.  An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user\u0027s account through the activated session."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-384",
              "description": "CWE-384: Session Fixation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:57:13.900Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43398",
    "datePublished": "2022-11-08T00:00:00.000Z",
    "dateReserved": "2022-10-18T00:00:00.000Z",
    "dateUpdated": "2024-08-03T13:32:58.148Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-43545 (GCVE-0-2022-43545)

Vulnerability from cvelistv5 – Published: 2022-11-08 00:00 – Updated: 2024-08-03 13:32

Summary

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P850 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10), SICAM P855 (All versions < V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device.

Severity ?

9.9 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE

CWE-20 - Improper Input Validation

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/pdf/s…

Impacted products

Vendor

Product

Version

Affected: All versions < V2.50

Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50
Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50
Siemens	POWER METER SICAM Q100	Affected: All versions < V2.50
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P850	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10
Siemens	SICAM P855	Affected: All versions < V3.10

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:32:59.727Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "POWER METER SICAM Q100",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.50"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P850",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SICAM P855",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), POWER METER SICAM Q100 (All versions \u003c V2.50), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P850 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10), SICAM P855 (All versions \u003c V3.10). Affected devices do not properly validate the RecordType-parameter in requests to the web interface on port 443/tcp. This could allow an authenticated remote attacker to crash the device (followed by an automatic reboot) or to execute arbitrary code on the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-09T09:58:12.217Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-572005.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-43545",
    "datePublished": "2022-11-08T00:00:00.000Z",
    "dateReserved": "2022-10-20T00:00:00.000Z",
    "dateUpdated": "2024-08-03T13:32:59.727Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

BDU:2022-07322

Vulnerability from fstec - Published: 08.11.2022

Title

Уязвимость параметра Language веб-интерфейса микропрограммного обеспечения измерителя мощности POWER METER SICAM Q100, позволяющая нарушителю вывести устройство из строя (с последующей автоматической перезагрузкой) или выполнить произвольный код

Description

Уязвимость параметра Language веб-интерфейса микропрограммного обеспечения измерителя мощности POWER METER SICAM Q100 связана с ошибками при обработке входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вывести устройство из строя (с последующей автоматической перезагрузкой) или выполнить произвольный код

Severity ?


                    
                      AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor

Siemens AG

Software Name

POWER METER SICAM Q100

Software Version

до 2.50 (POWER METER SICAM Q100)

Possible Mitigations

Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков. Компенсирующие меры: - ограничение доступа к 443 TCP-порту; - применение механизма «белых» списков для доступа к веб-интерфейсу устройства; - сегментирование сети с целью ограничения доступа к промышленному оборудованию; - ограничение доступа из внешних сетей (Интернет); - использование средств межсетевого экранирования. Использование рекомендаций производителя: https://cert-portal.siemens.com/productcert/html/ssa-570294.html

Reference

https://cert-portal.siemens.com/productcert/html/ssa-570294.html

CWE

CWE-20

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Siemens AG",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 2.50 (POWER METER SICAM Q100)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432.\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a 443 TCP-\u043f\u043e\u0440\u0442\u0443;\n- \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u00ab\u0431\u0435\u043b\u044b\u0445\u00bb \u0441\u043f\u0438\u0441\u043a\u043e\u0432 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430;\n- \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0441 \u0446\u0435\u043b\u044c\u044e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044e;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442);\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://cert-portal.siemens.com/productcert/html/ssa-570294.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "08.11.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.06.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "22.12.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-07322",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-43439, SSA-570294",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "POWER METER SICAM Q100",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 Language \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0438\u0437\u043c\u0435\u0440\u0438\u0442\u0435\u043b\u044f \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0438 POWER METER SICAM Q100, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438\u0437 \u0441\u0442\u0440\u043e\u044f (\u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439) \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 Language \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0438\u0437\u043c\u0435\u0440\u0438\u0442\u0435\u043b\u044f \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u0438 POWER METER SICAM Q100 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u0438\u0437 \u0441\u0442\u0440\u043e\u044f (\u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439) \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cert-portal.siemens.com/productcert/html/ssa-570294.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0410\u0421\u0423 \u0422\u041f",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}

BDU:2022-07320

Vulnerability from fstec - Published: 08.11.2022

Title

Уязвимость параметра EndType веб-интерфейса микропрограммного обеспечения измерителя мощности POWER METER SICAM Q100, позволяющая нарушителю вывести устройство из строя (с последующей автоматической перезагрузкой) или выполнить произвольный код

Description

Уязвимость параметра EndType веб-интерфейса микропрограммного обеспечения измерителя мощности POWER METER SICAM Q100 связана с ошибками при обработке входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вывести устройство из строя (с последующей автоматической перезагрузкой) или выполнить произвольный код

Severity ?


                    
                      AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor

Siemens AG

Software Name

POWER METER SICAM Q100

Software Version

до 2.50 (POWER METER SICAM Q100)

Possible Mitigations

Reference

https://cert-portal.siemens.com/productcert/html/ssa-570294.html

CWE

CWE-20